CVE-2025-26306

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 20, 2025

Updated: Feb 24, 2025

CWE ID 401

Summary

CVE-2025-26306 is a newly identified vulnerability in libming v0.4.8's read.c file. The issue lies in the readSizedString function, which suffers from a memory leak. An attacker can exploit this vulnerability by providing a specially crafted file, leading to a denial-of-service condition due to the excessive memory consumption. This memory leak can cause the application to crash or become unresponsive, potentially disrupting normal operations. Users are advised to update to a patched version of libming to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3IMPi2
https://www.cve.org/CVERecord?id=CVE-2025-26306
https://nvd.nist.gov/vuln/detail/CVE-2025-26306

Back to Vulnerability Database

CVE-2025-26306

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations