K000160723: libxslt vulnerability CVE-2025-10911

🗓️ 13 Apr 2026 16:15:10Reported by f5Type

f5🔗 my.f5.com👁 7 Views

Libxslt use-after-free during XSL parsing may crash apps and cause denial of service (CVE-2025-10911).

Reporter	Title	Published	Views	Family All 133
ATTACKERKB	CVE-2025-10911	25 Sep 202515:13	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : libxslt, libxslt-devel, python3-libxslt (ALAS2023-2025-1228)	28 Oct 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP13 : libxslt (EulerOS-SA-2026-1253)	10 Mar 202600:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP13 : libxslt (EulerOS-SA-2026-1289)	10 Mar 202600:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP12 : libxslt (EulerOS-SA-2026-1374)	16 Mar 202600:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP12 : libxslt (EulerOS-SA-2026-1405)	16 Mar 202600:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.12.1 : libxslt (EulerOS-SA-2026-1443)	17 Mar 202600:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.12.0 : libxslt (EulerOS-SA-2026-1500)	17 Mar 202600:00	–	nessus
Tenable Nessus	Fedora 42 : mingw-libxslt (2026-00347cea5e)	22 Jan 202600:00	–	nessus
Tenable Nessus	Fedora 43 : mingw-libxslt (2026-84be018d47)	22 Jan 202600:00	–	nessus

Vulners

Node

f5 big-ip_next_cgnat_cnfMatch2.2.1

OR

f5 big-ip_next_cgnat_cnfMatch2.2.0

OR

f5 big-ip_next_cgnat_cnfMatch2.1.1

OR

f5 big-ip_next_cgnat_cnfMatch2.1.0

OR

f5 big-ip_next_cgnat_cnfMatch2.0.3

OR

f5 big-ip_next_cgnat_cnfMatch2.0.2

OR

f5 big-ip_next_cgnat_cnfMatch2.0.1

OR

f5 big-ip_next_cgnat_cnfMatch2.0.0

OR

f5 big-ip_next_cgnat_cnfMatch1.4.1

OR

f5 big-ip_next_cgnat_cnfMatch1.4.0

OR

f5 big-ip_next_cgnat_cnfMatch1.3.3

OR

f5 big-ip_next_cgnat_cnfMatch1.3.2

OR

f5 big-ip_next_cgnat_cnfMatch1.3.1

OR

f5 big-ip_next_cgnat_cnfMatch1.3.0

OR

f5 big-ip_next_cgnat_cnfMatch1.2.1

OR

f5 big-ip_next_cgnat_cnfMatch1.2.0

OR

f5 big-ip_next_cgnat_cnfMatch1.1.1

OR

f5 big-ip_next_cgnat_cnfMatch1.1.0

OR

f5 big-ip_next_dns_cnfMatch2.2.1

OR

f5 big-ip_next_dns_cnfMatch2.2.0

OR

f5 big-ip_next_dns_cnfMatch2.1.1

OR

f5 big-ip_next_dns_cnfMatch2.1.0

OR

f5 big-ip_next_dns_cnfMatch2.0.3

OR

f5 big-ip_next_dns_cnfMatch2.0.2

OR

f5 big-ip_next_dns_cnfMatch2.0.1

OR

f5 big-ip_next_dns_cnfMatch2.0.0

OR

f5 big-ip_next_dns_cnfMatch1.4.1

OR

f5 big-ip_next_dns_cnfMatch1.4.0

OR

f5 big-ip_next_dns_cnfMatch1.3.3

OR

f5 big-ip_next_dns_cnfMatch1.3.2

OR

f5 big-ip_next_dns_cnfMatch1.3.1

OR

f5 big-ip_next_dns_cnfMatch1.3.0

OR

f5 big-ip_next_dns_cnfMatch1.2.1

OR

f5 big-ip_next_dns_cnfMatch1.2.0

OR

f5 big-ip_next_dns_cnfMatch1.1.1

OR

f5 big-ip_next_dns_cnfMatch1.1.0

OR

f5 big-ip_next_edge_firewall_cnfMatch2.2.1

OR

f5 big-ip_next_edge_firewall_cnfMatch2.2.0

OR

f5 big-ip_next_edge_firewall_cnfMatch2.1.1

OR

f5 big-ip_next_edge_firewall_cnfMatch2.1.0

OR

f5 big-ip_next_edge_firewall_cnfMatch2.0.3

OR

f5 big-ip_next_edge_firewall_cnfMatch2.0.2

OR

f5 big-ip_next_edge_firewall_cnfMatch2.0.1

OR

f5 big-ip_next_edge_firewall_cnfMatch2.0.0

OR

f5 big-ip_next_edge_firewall_cnfMatch1.4.1

OR

f5 big-ip_next_edge_firewall_cnfMatch1.4.0

OR

f5 big-ip_next_edge_firewall_cnfMatch1.3.3

OR

f5 big-ip_next_edge_firewall_cnfMatch1.3.2

OR

f5 big-ip_next_edge_firewall_cnfMatch1.3.1

OR

f5 big-ip_next_edge_firewall_cnfMatch1.3.0

OR

f5 big-ip_next_edge_firewall_cnfMatch1.2.1

OR

f5 big-ip_next_edge_firewall_cnfMatch1.2.0

OR

f5 big-ip_next_edge_firewall_cnfMatch1.1.1

OR

f5 big-ip_next_edge_firewall_cnfMatch1.1.0

OR

f5 big-ip_next_for_kubernetesMatch2.2.1

OR

f5 big-ip_next_for_kubernetesMatch2.2.0

OR

f5 big-ip_next_for_kubernetesMatch2.1.1

OR

f5 big-ip_next_for_kubernetesMatch2.1.0

OR

f5 big-ip_next_for_kubernetesMatch2.0.0

OR

f5 big-ip_next_spkMatch2.0.3

OR

f5 big-ip_next_spkMatch2.0.2

OR

f5 big-ip_next_spkMatch2.0.1

OR

f5 big-ip_next_spkMatch2.0.0

OR

f5 big-ip_next_spkMatch1.9.2

OR

f5 big-ip_next_spkMatch1.9.1

OR

f5 big-ip_next_spkMatch1.9.0

OR

f5 big-ip_next_spkMatch1.8.2

OR

f5 big-ip_next_spkMatch1.8.0

OR

f5 big-ip_next_spkMatch1.7.16

OR

f5 big-ip_next_spkMatch1.7.15

OR

f5 big-ip_next_spkMatch1.7.14

OR

f5 big-ip_next_spkMatch1.7.13

OR

f5 big-ip_next_spkMatch1.7.12

OR

f5 big-ip_next_spkMatch1.7.11

OR

f5 big-ip_next_spkMatch1.7.10

OR

f5 big-ip_next_spkMatch1.7.9

OR

f5 big-ip_next_spkMatch1.7.8

OR

f5 big-ip_next_spkMatch1.7.7

OR

f5 big-ip_next_spkMatch1.7.6

OR

f5 big-ip_next_spkMatch1.7.5

OR

f5 big-ip_next_spkMatch1.7.4

OR

f5 big-ip_next_spkMatch1.7.3

OR

f5 big-ip_next_spkMatch1.7.2

OR

f5 big-ip_next_spkMatch1.7.1

OR

f5 big-ip_next_spkMatch1.7.0

OR

f5 big-ip_afmMatch21.0.0

OR

f5 big-ip_afmMatch17.5.1

OR

f5 big-ip_afmMatch17.5.0

OR

f5 big-ip_afmMatch17.1.3

OR

f5 big-ip_afmMatch17.1.2

OR

f5 big-ip_afmMatch17.1.1

OR

f5 big-ip_afmMatch17.1.0

OR

f5 big-ip_afmMatch16.1.6

OR

f5 big-ip_afmMatch16.1.5

OR

f5 big-ip_afmMatch16.1.4

OR

f5 big-ip_afmMatch16.1.3

OR

f5 big-ip_afmMatch16.1.2

OR

f5 big-ip_afmMatch16.1.1

OR

f5 big-ip_afmMatch16.1.0

OR

f5 big-ip_analyticsMatch21.0.0

OR

f5 big-ip_analyticsMatch17.5.1

OR

f5 big-ip_analyticsMatch17.5.0

OR

f5 big-ip_analyticsMatch17.1.3

OR

f5 big-ip_analyticsMatch17.1.2

OR

f5 big-ip_analyticsMatch17.1.1

OR

f5 big-ip_analyticsMatch17.1.0

OR

f5 big-ip_analyticsMatch16.1.6

OR

f5 big-ip_analyticsMatch16.1.5

OR

f5 big-ip_analyticsMatch16.1.4

OR

f5 big-ip_analyticsMatch16.1.3

OR

f5 big-ip_analyticsMatch16.1.2

OR

f5 big-ip_analyticsMatch16.1.1

OR

f5 big-ip_analyticsMatch16.1.0

OR

f5 big-ip_apmMatch21.0.0

OR

f5 big-ip_apmMatch17.5.1

OR

f5 big-ip_apmMatch17.5.0

OR

f5 big-ip_apmMatch17.1.3

OR

f5 big-ip_apmMatch17.1.2

OR

f5 big-ip_apmMatch17.1.1

OR

f5 big-ip_apmMatch17.1.0

OR

f5 big-ip_apmMatch16.1.6

OR

f5 big-ip_apmMatch16.1.5

OR

f5 big-ip_apmMatch16.1.4

OR

f5 big-ip_apmMatch16.1.3

OR

f5 big-ip_apmMatch16.1.2

OR

f5 big-ip_apmMatch16.1.1

OR

f5 big-ip_apmMatch16.1.0

OR

f5 big-ip_asmMatch21.0.0

OR

f5 big-ip_asmMatch17.5.1

OR

f5 big-ip_asmMatch17.5.0

OR

f5 big-ip_asmMatch17.1.3

OR

f5 big-ip_asmMatch17.1.2

OR

f5 big-ip_asmMatch17.1.1

OR

f5 big-ip_asmMatch17.1.0

OR

f5 big-ip_asmMatch16.1.6

OR

f5 big-ip_asmMatch16.1.5

OR

f5 big-ip_asmMatch16.1.4

OR

f5 big-ip_asmMatch16.1.3

OR

f5 big-ip_asmMatch16.1.2

OR

f5 big-ip_asmMatch16.1.1

OR

f5 big-ip_asmMatch16.1.0

OR

f5 big-ip_ddos_hybrid_defenderMatch21.0.0

OR

f5 big-ip_ddos_hybrid_defenderMatch17.1.0

OR

f5 big-ip_ddos_hybrid_defenderMatch16.1.0

OR

f5 big-ip_dnsMatch21.0.0

OR

f5 big-ip_dnsMatch17.5.1

OR

f5 big-ip_dnsMatch17.5.0

OR

f5 big-ip_dnsMatch17.1.3

OR

f5 big-ip_dnsMatch17.1.2

OR

f5 big-ip_dnsMatch17.1.1

OR

f5 big-ip_dnsMatch17.1.0

OR

f5 big-ip_dnsMatch16.1.6

OR

f5 big-ip_dnsMatch16.1.5

OR

f5 big-ip_dnsMatch16.1.4

OR

f5 big-ip_dnsMatch16.1.3

OR

f5 big-ip_dnsMatch16.1.2

OR

f5 big-ip_dnsMatch16.1.1

OR

f5 big-ip_dnsMatch16.1.0

OR

f5 big-ip_fpsMatch21.0.0

OR

f5 big-ip_fpsMatch17.5.1

OR

f5 big-ip_fpsMatch17.5.0

OR

f5 big-ip_fpsMatch17.1.3

OR

f5 big-ip_fpsMatch17.1.2

OR

f5 big-ip_fpsMatch17.1.1

OR

f5 big-ip_fpsMatch17.1.0

OR

f5 big-ip_fpsMatch16.1.6

OR

f5 big-ip_fpsMatch16.1.5

OR

f5 big-ip_fpsMatch16.1.4

OR

f5 big-ip_fpsMatch16.1.3

OR

f5 big-ip_fpsMatch16.1.2

OR

f5 big-ip_fpsMatch16.1.1

OR

f5 big-ip_fpsMatch16.1.0

OR

f5 big-ip_link_controllerMatch17.5.1

OR

f5 big-ip_link_controllerMatch17.5.0

OR

f5 big-ip_link_controllerMatch17.1.3

OR

f5 big-ip_link_controllerMatch17.1.2

OR

f5 big-ip_link_controllerMatch17.1.1

OR

f5 big-ip_link_controllerMatch17.1.0

OR

f5 big-ip_link_controllerMatch16.1.6

OR

f5 big-ip_link_controllerMatch16.1.5

OR

f5 big-ip_link_controllerMatch16.1.4

OR

f5 big-ip_link_controllerMatch16.1.3

OR

f5 big-ip_link_controllerMatch16.1.2

OR

f5 big-ip_link_controllerMatch16.1.1

OR

f5 big-ip_link_controllerMatch16.1.0

OR

f5 big-ip_ltmMatch21.0.0

OR

f5 big-ip_ltmMatch17.5.1

OR

f5 big-ip_ltmMatch17.5.0

OR

f5 big-ip_ltmMatch17.1.3

OR

f5 big-ip_ltmMatch17.1.2

OR

f5 big-ip_ltmMatch17.1.1

OR

f5 big-ip_ltmMatch17.1.0

OR

f5 big-ip_ltmMatch16.1.6

OR

f5 big-ip_ltmMatch16.1.5

OR

f5 big-ip_ltmMatch16.1.4

OR

f5 big-ip_ltmMatch16.1.3

OR

f5 big-ip_ltmMatch16.1.2

OR

f5 big-ip_ltmMatch16.1.1

OR

f5 big-ip_ltmMatch16.1.0

OR

f5 big-ip_pemMatch21.0.0

OR

f5 big-ip_pemMatch17.5.1

OR

f5 big-ip_pemMatch17.5.0

OR

f5 big-ip_pemMatch17.1.3

OR

f5 big-ip_pemMatch17.1.2

OR

f5 big-ip_pemMatch17.1.1

OR

f5 big-ip_pemMatch17.1.0

OR

f5 big-ip_pemMatch16.1.6

OR

f5 big-ip_pemMatch16.1.5

OR

f5 big-ip_pemMatch16.1.4

OR

f5 big-ip_pemMatch16.1.3

OR

f5 big-ip_pemMatch16.1.2

OR

f5 big-ip_pemMatch16.1.1

OR

f5 big-ip_pemMatch16.1.0

OR

f5 big-ip_ssl_orchestratorMatch21.0.0

OR

f5 big-ip_ssl_orchestratorMatch17.5.0

OR

f5 big-ip_ssl_orchestratorMatch17.1.3

OR

f5 big-ip_ssl_orchestratorMatch17.1.1

OR

f5 big-ip_ssl_orchestratorMatch17.1.0

OR

f5 big-ip_ssl_orchestratorMatch16.1.4

OR

f5 big-ip_ssl_orchestratorMatch16.1.3

OR

f5 big-ip_ssl_orchestratorMatch16.1.1

OR

f5 big-ip_ssl_orchestratorMatch16.1.0

OR

f5 f5_ai_gatewayMatch1.2.0

OR

f5 f5_ai_gatewayMatch1.1.1

OR

f5 f5_ai_gatewayMatch1.1.0

OR

f5 f5_ai_gatewayMatch1.0.2

OR

f5 f5_ai_gatewayMatch1.0.1

OR

f5 f5_ai_gatewayMatch1.0.0

OR

f5 f5_dos_for_nginxMatch4.8.0

OR

f5 f5_waf_for_nginxMatch5.12.1

OR

f5 f5_waf_for_nginxMatch5.12.0

OR

f5 f5_waf_for_nginxMatch5.11.2

OR

f5 f5_waf_for_nginxMatch5.11.1

OR

f5 f5_waf_for_nginxMatch5.11.0

OR

f5 f5_waf_for_nginxMatch5.10.1

OR

f5 f5_waf_for_nginxMatch5.10.0

OR

f5 f5_waf_for_nginxMatch5.9.1

OR

f5 f5_waf_for_nginxMatch5.9.0

OR

f5 nginx_agentMatch3.7.1

OR

f5 nginx_agentMatch3.7.0

OR

f5 nginx_agentMatch3.6.2

OR

f5 nginx_agentMatch3.6.1

OR

f5 nginx_agentMatch3.6.0

OR

f5 nginx_agentMatch3.5.1

OR

f5 nginx_agentMatch3.5.0

OR

f5 nginx_agentMatch3.4.2

OR

f5 nginx_agentMatch3.4.1

OR

f5 nginx_agentMatch3.4.0

OR

f5 nginx_agentMatch3.3.2

OR

f5 nginx_agentMatch3.3.1

OR

f5 nginx_agentMatch3.3.0

OR

f5 nginx_agentMatch3.2.1

OR

f5 nginx_agentMatch3.2.0

OR

f5 nginx_agentMatch3.1.0

OR

f5 nginx_agentMatch3.0.1

OR

f5 nginx_agentMatch3.0.0

OR

f5 nginx_agentMatch2.45.2

OR

f5 nginx_agentMatch2.45.1

OR

f5 nginx_agentMatch2.45.0

OR

f5 nginx_agentMatch2.44.0

OR

f5 nginx_agentMatch2.43.0

OR

f5 nginx_agentMatch2.42.2

OR

f5 nginx_agentMatch2.42.1

OR

f5 nginx_agentMatch2.42.0

OR

f5 nginx_agentMatch2.41.2

OR

f5 nginx_agentMatch2.41.1

OR

f5 nginx_agentMatch2.41.0

OR

f5 nginx_agentMatch2.40.1

OR

f5 nginx_agentMatch2.40.0

OR

f5 nginx_agentMatch2.39.0

OR

f5 nginx_agentMatch2.38.0

OR

f5 nginx_agentMatch2.37.0

OR

f5 nginx_agentMatch2.36.1

OR

f5 nginx_agentMatch2.36.0

OR

f5 nginx_agentMatch2.35.1

OR

f5 nginx_agentMatch2.35.0

OR

f5 nginx_agentMatch2.34.1

OR

f5 nginx_agentMatch2.34.0

OR

f5 nginx_agentMatch2.33.0

OR

f5 nginx_agentMatch2.32.2

OR

f5 nginx_agentMatch2.32.1

OR

f5 nginx_app_protect_dosMatch4.7.0

OR

f5 nginx_app_protect_dosMatch4.6.0

OR

f5 nginx_app_protect_dosMatch4.5.0

OR

f5 nginx_app_protect_dosMatch4.4.0

OR

f5 nginx_app_protect_dosMatch4.3.0

OR

f5 nginx_app_protect_wafMatch5.8.0

OR

f5 nginx_app_protect_wafMatch5.7.0

OR

f5 nginx_app_protect_wafMatch5.6.0

OR

f5 nginx_app_protect_wafMatch5.5.0

OR

f5 nginx_app_protect_wafMatch5.4.0

OR

f5 nginx_app_protect_wafMatch5.3.0

OR

f5 nginx_app_protect_wafMatch5.2.0

OR

f5 nginx_app_protect_wafMatch5.1.0

OR

f5 nginx_app_protect_wafMatch4.16.0

OR

f5 nginx_app_protect_wafMatch4.15.0

OR

f5 nginx_app_protect_wafMatch4.14.0

OR

f5 nginx_app_protect_wafMatch4.13.0

OR

f5 nginx_app_protect_wafMatch4.12.0

OR

f5 nginx_app_protect_wafMatch4.11.0

OR

f5 nginx_app_protect_wafMatch4.10.0

OR

f5 nginx_app_protect_wafMatch4.9.0

OR

f5 nginx_gateway_fabricMatch2.5.1

OR

f5 nginx_gateway_fabricMatch2.5.0

OR

f5 nginx_gateway_fabricMatch2.4.2

OR

f5 nginx_gateway_fabricMatch2.4.1

OR

f5 nginx_gateway_fabricMatch2.4.0

OR

f5 nginx_gateway_fabricMatch2.3.0

OR

f5 nginx_gateway_fabricMatch2.2.2

OR

f5 nginx_gateway_fabricMatch2.2.1

OR

f5 nginx_gateway_fabricMatch2.2.0

OR

f5 nginx_gateway_fabricMatch2.1.2

OR

f5 nginx_gateway_fabricMatch2.1.1

OR

f5 nginx_gateway_fabricMatch2.1.0

OR

f5 nginx_gateway_fabricMatch2.0.1

OR

f5 nginx_gateway_fabricMatch2.0.0

OR

f5 nginx_gateway_fabricMatch1.6.2

OR

f5 nginx_gateway_fabricMatch1.6.1

OR

f5 nginx_gateway_fabricMatch1.6.0

OR

f5 nginx_gateway_fabricMatch1.5.1

OR

f5 nginx_gateway_fabricMatch1.5.0

OR

f5 nginx_gateway_fabricMatch1.4.0

OR

f5 nginx_gateway_fabricMatch1.3.0

OR

f5 nginx_ingress_controllerMatch5.4.1

OR

f5 nginx_ingress_controllerMatch5.4.0

OR

f5 nginx_ingress_controllerMatch5.3.4

OR

f5 nginx_ingress_controllerMatch5.3.3

OR

f5 nginx_ingress_controllerMatch5.3.2

OR

f5 nginx_ingress_controllerMatch5.3.1

OR

f5 nginx_ingress_controllerMatch5.3.0

OR

f5 nginx_ingress_controllerMatch5.2.1

OR

f5 nginx_ingress_controllerMatch5.2.0

OR

f5 nginx_ingress_controllerMatch5.1.1

OR

f5 nginx_ingress_controllerMatch5.1.0

OR

f5 nginx_ingress_controllerMatch5.0.0

OR

f5 nginx_ingress_controllerMatch4.0.1

OR

f5 nginx_ingress_controllerMatch4.0.0

OR

f5 nginx_ingress_controllerMatch3.7.2

OR

f5 nginx_ingress_controllerMatch3.7.1

OR

f5 nginx_ingress_controllerMatch3.7.0

OR

f5 nginx_ingress_controllerMatch3.6.2

OR

f5 nginx_ingress_controllerMatch3.6.1

OR

f5 nginx_ingress_controllerMatch3.6.0

OR

f5 nginx_ingress_controllerMatch3.5.2

OR

f5 nginx_ingress_controllerMatch3.5.1

OR

f5 nginx_ingress_controllerMatch3.5.0

OR

f5 nginx_instance_managerMatch2.21.1

OR

f5 nginx_instance_managerMatch2.21.0

OR

f5 nginx_instance_managerMatch2.20.1

OR

f5 nginx_instance_managerMatch2.20.0

OR

f5 nginx_instance_managerMatch2.19.3

OR

f5 nginx_instance_managerMatch2.19.2

OR

f5 nginx_instance_managerMatch2.19.1

OR

f5 nginx_instance_managerMatch2.19.0

OR

f5 nginx_instance_managerMatch2.18.1

OR

f5 nginx_instance_managerMatch2.18.0

OR

f5 nginx_instance_managerMatch2.17.4

OR

f5 nginx_instance_managerMatch2.17.3

OR

f5 nginx_instance_managerMatch2.17.2

OR

f5 nginx_instance_managerMatch2.17.1

OR

f5 nginx_instance_managerMatch2.17.0

OR

f5 nginx_instance_managerMatch2.16.0

OR

f5 nginx_plusMatchr36

OR

f5 nginx_plusMatchr35

OR

f5 nginx_plusMatchr34

OR

f5 nginx_plusMatchr33

OR

f5 nginx_plusMatchr32

OR

f5 f5os-aMatch1.8.3

OR

f5 f5os-aMatch1.8.0

OR

f5 f5os-aMatch1.5.4

OR

f5 f5os-aMatch1.5.3

OR

f5 f5os-aMatch1.5.2

OR

f5 f5os-aMatch1.5.1

OR

f5 f5os-cMatch1.8.2

OR

f5 f5os-cMatch1.8.1

OR

f5 f5os-cMatch1.8.0

OR

f5 f5os-cMatch1.6.4

OR

f5 f5os-cMatch1.6.2

OR

f5 f5os-cMatch1.6.1

OR

f5 f5os-cMatch1.6.0

OR

f5 big-iq_centralized_managementMatch8.4.1

OR

f5 big-iq_centralized_managementMatch8.4.0

OR

f5 big-iq_centralized_managementMatch8.3.0

OR

f5 traffix_sdcMatch5.2.0

13 Apr 2026 16:15Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.15.5

EPSS0.00019

SSVC

libxslt use after free denial of service vulnerability 2025 10911 xsl parsing