CVE-2025-14307HIGH 8.1EPSS p19.3%

CVE-2025-14307CVE-2025-14307

Description

An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode version 1.9.3.6. The createTempFile method fails to securely create temporary files, allowing attackers to exploit race conditions and potentially execute arbitrary code or overwrite critical files. This vulnerability can be exploited by manipulating the temporary file creation process, leading to potential unauthorized actions.

Scoring

CVSS 3.18.1 (HIGH)
VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.28% probability of exploitation · percentile 19.3% · 2026-06-18T12:00:27Z
Published2025-12-09
Last modified2026-01-05

Underlying weaknesses· 1

CWE-377

References

  1. https://github.com/robo-code/robocode/pull/68

1

TypeTargetConfidenceTier
WeaknessInsecure Temporary Filecwe-3770%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-14306
CVE
CVE-2025-14308
CWE
Creation of Temporary File With Insecure Permissions
CVE
CVE-2025-57771
CVE
CVE-2025-10284
CVE
CVE-2025-65946
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.