CVE-2025-10101 · HIGH 7.8 · EPSS p4.1%

Description

Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Mach-O file may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds before VPS 25090300. The affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream.

Scoring

CVSS 3.1: 7.8 (HIGH)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.14% probability of exploitation · percentile 4.1% · 2026-06-19T12:03:05Z
Published: 2025-12-01
Last modified: 2026-06-12

Underlying weaknesses (2)

CWE-122, CWE-787

References

  1. https://www.gendigital.com/us/en/contact-us/security-advisories/

Weakness mappings (2)

Type     | Target                                | Confidence | Tier
Weakness | Heap-based Buffer Overflow (CWE-122)  | 0%         | live
Weakness | Out-of-bounds Write (CWE-787)         | 0%         | live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

  - CVE: CVE-2025-8351
  - CVE: CVE-2025-3500
  - CVE: Apple Multiple Products Classic Buffer Overflow Vulnerability
  - CVE: Apple Multiple Buffer Overflow Vulnerability
  - CVE: CVE-2025-20260
  - CVE: Apple macOS Out-of-Bounds Write Vulnerability

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.