CVE-2025-12863 - Libxml2: namespace use-after-free in xmlsettreedoc() function of libxml2

CVE ID : CVE-2025-12863 Published : Nov. 7, 2025, 8:59 p.m. | 26 minutes ago Description : A flaw was found in the xmlSetTreeDoc() function of the libxml2 XML parsing library. This function is responsible for updating document pointers when XML nodes are moved between documents. Due to improper handling of namespace references, a namespace pointer may remain linked to a freed memory region when the original document is destroyed. As a result, subsequent operations that access the namespace can lead to a use-after-free condition, causing an application crash. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...