sharepoint server – Access denied for xsl files in style library

On SP2019 we have one site collection for intranet users (anonymous is not enabled).
On that intranet portal we have page that uses Content Query Web Part editor which read data from one list; it fetches only 5 items from that list.
There is NO custom xsl files.
But some users (not all) get error when accessing page:

Unable to display this Web Part. To troubleshoot the problem, open this Web page in a Microsoft SharePoint Foundation-compatible HTML editor such as Microsoft SharePoint Designer. If the problem persists, contact your Web server administrator.
Correlation ID:

When I check ULS log, I see access denied error on getting xsl files from Style library:

Exception while getting CustomXsl: System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
at Microsoft.SharePoint.SPGlobal.HandleUnauthorizedAccessException(UnauthorizedAccessException ex, Boolean allowCompleteRequest)
at Microsoft.SharePoint.Library.SPRequest.GetFileAsStream(String bstrUrl, StorePath bstrWebRelativeUrl, Boolean bHonorLevel, Byte iLevel, OpenBinaryFlags grfob, String bstrEtagNotMatch, Object punkSPFileMgr, Boolean bHonorCustomIrm, IrmProtectionParams fileIrmSettings, UInt32& pdwVirusCheckStatus, Int32& plVirusVendorId, String& pVirusCheckMessage, String& pEtagNew, String& pContentTagNew, SPFileInfo& pFileProps, Guid& pgWebIdReal, Guid& pgDoclibId)
at Microsoft.SharePoint.SPFile.GetFileStream(SPWeb web, SPResourcePath fileUrl, SPFileLevel level, OpenBinaryFlags openOptions, String etagNotMatch, ISPFileStreamManager spMgr, SPFileRightsManagementSettings rightsManagementSettings, Boolean throwOnVirusFound, SPVirusCheckStatus& virusCheckStatus, Int32& virusVendorId, String& virusCheckMessage, String& etagNew, String& contentTagNew, SPFileInfo& fileprops, Guid& doclibId, Guid& webIdForAuditing)
at Microsoft.SharePoint.SPFile.OpenBinaryStream(SPOpenBinaryOptions openOptions, String etagNotMatch, String& etagNew, String& contentTagNew)
at Microsoft.SharePoint.Publishing.WebControls.CmsDataFormWebPart.GetXslContents(String url)
at Microsoft.SharePoint.Publishing.WebControls.CmsDataFormWebPart.GetKnownXsl()
at Microsoft.SharePoint.WebPartPages.DataFormWebPart.get_CustomizedXsl()
at Microsoft.SharePoint.WebPartPages.DataFormWebPart.LoadXslCompiledTransform(WSSXmlUrlResolver someXmlResolver)

Again, there is no custom xsl files, only SP xsl files which are checked in and published.

All users have read access to Style library (as “Everybody” group). When I open the page as admin I don’t get the error and then error for that problematic user also disappears.
And then comes again after couple of days…