{"id":"JLSEC-2026-583","summary":"numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an...","details":"numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.","modified":"2026-06-08T13:33:46.924121137Z","published":"2026-06-08T13:15:35.983Z","upstream":["CVE-2025-24855","EUVD-2025-7659","GHSA-3cgj-v3m4-cgcq"],"database_specific":{"license":"CC-BY-4.0","sources":[{"id":"CVE-2025-24855","imported":"2026-06-07T01:46:46.743Z","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24855","published":"2025-03-14T02:15:15.717Z","modified":"2025-11-03T22:18:40.750Z","database_specific":{"status":"Modified"},"url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-24855"},{"id":"GHSA-3cgj-v3m4-cgcq","imported":"2026-06-07T01:46:47.117Z","published":"2025-03-14T03:31:24Z","modified":"2025-11-04T00:32:21Z","html_url":"https://github.com/advisories/GHSA-3cgj-v3m4-cgcq","url":"https://api.github.com/advisories/GHSA-3cgj-v3m4-cgcq"},{"id":"EUVD-2025-7659","imported":"2026-06-07T01:46:46.787Z","published":"2025-03-14T00:00:00Z","modified":"2026-02-26T19:09:31Z","html_url":"https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-7659","url":"https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2025-7659"}]},"references":[{"type":"WEB","url":"https://github.com/advisories/GHSA-3cgj-v3m4-cgcq"},{"type":"WEB","url":"https://gitlab.gnome.org/GNOME/libxslt/-/issues/128"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00015.html"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24855"}],"affected":[{"package":{"name":"XSLT_jll","ecosystem":"Julia","purl":"pkg:julia/XSLT_jll?uuid=aed1982a-8fda-507f-9586-7b0439959a61"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.1.43+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-583.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"}]}