JLSEC-2026-577

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded...

JLSEC-2026-580

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be...

EulerOS Virtualization 2.13.1 : libxslt (EulerOS-SA-2026-2140)

According to the versions of the libxslt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers an...

Astra Linux - уязвимость в libxslt

A flaw was discovered in the libxslt library. The same memory field, psvi, is used for both the stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may result in...

PT-2026-38846

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...

BIT-JAVA-2025-10911 Libxslt: use-after-free with key data stored cross-rvt

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...

Unity Linux 20.1070a Security Update: libxslt (UTSA-2026-007250)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007250 advisory. The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10,...

K000160721: libxslt vulnerability CVE-2025-11731

Security Advisory Description A flaw was found in the exsltFuncResultComp function of libxslt, which handles EXSLT elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This can...

Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2026-1181)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 8 : libxslt-1.1.32-5.el8 (AXSA:2021-1107:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1107:01 advisory. libxslt: xsltCheckRead and xsltCheckWrite routines security bypass by crafted URL CVE-2019-11068 libxslt: use after free in xsltCopyText in...

MiracleLinux 3 : libxslt-1.1.17-2.1.2AXS3 (AXSA:2008-83:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-83:01 advisory. libxslt is a library for transforming XML files into other XML files using the standard XSLT stylesheet transformation mechanism. CVE-2008-2935: Multiple...

MiracleLinux 9 : libxslt-1.1.34-9.el9_5.1 (AXSA:2025-9809:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9809:01 advisory. libxslt: Use-After-Free in libxslt numbers.c CVE-2025-24855 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : libxslt-1.1.32-6.1.el8_10 (AXSA:2025-9833:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9833:02 advisory. libxslt: Use-After-Free in libxslt numbers.c CVE-2025-24855 libxslt: Use-After-Free in libxslt xsltGetInheritedNsList CVE-2024-55549 Tenable has...

MiracleLinux 8 : libxslt-1.1.32-6.2.el8_10 (AXSA:2025-10008:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10008:07 advisory. libxslt: Processing web content may disclose sensitive information CVE-2023-40403 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : libxslt-1.1.34-13.el9_6 (AXSA:2025-10453:09)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10453:09 advisory. libxslt: Use-After-Free in libxslt xsltGetInheritedNsList CVE-2024-55549 Tenable has extracted the preceding description block directly from the MiracleLinu...

Ubuntu: Security Advisory (USN-7945-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-7424 affecting package libxslt for versions less than 1.1.34-10

CVE-2025-7424 affecting package libxslt for versions less than 1.1.34-10. A patched version of the package is available...

ROS-20251223-7305

Vulnerability in libxslt related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Tenable Nessus Multiple Vulnerabilities (TNS-2025-24)

Tenable Nessus is prone to multiple vulnerabilities in various third-party components expat, libxml2, libxslt. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2025-2587)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...