CVE-2025-5099CRITICAL 9.8EPSS p42.9%

CVE-2025-5099CVE-2025-5099

Description

An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.58% probability of exploitation · percentile 42.9% · 2026-06-19T12:03:05Z
Published2025-05-23
Last modified2025-10-08

Underlying weaknesses· 2

CWE-119CWE-787

References

  1. https://korelogic.com/Resources/Advisories/KL-001-2025-004.txt
  2. https://korelogic.com/Resources/Advisories/KL-001-2025-004.txt

2

TypeTargetConfidenceTier
WeaknessImproper Restriction of Operations within the Bounds of a Memory Buffercwe-1190%live
WeaknessOut-of-bounds Writecwe-7870%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-54627
CVE
CVE-2025-48530
CVE
CVE-2026-0006
CVE
CVE-2026-2648
CVE
Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability
CVE
CVE-2025-1918
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.