High severityOSV Advisory· Published Dec 26, 2025· Updated Dec 26, 2025
CVE-2025-25341
CVE-2025-25341
Description
A vulnerability exists in the libxmljs 1.0.11 when parsing a specially crafted XML document. Accessing the internal _ref property on entity_ref and entity_decl nodes causes a segmentation fault, potentially leading to a denial-of-service (DoS).
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
libxmljsnpm | <= 1.0.11 | — |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- github.com/advisories/GHSA-jv72-59wq-8rxmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-25341ghsaADVISORY
- github.com/libxmljs/libxmljs/issues/667ghsaWEB
News mentions
0No linked articles in our index yet.