CVE-2025-55100CRITICAL 9.1EPSS p39.5%

CVE-2025-55100CVE-2025-55100

Description

In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio10_sam_parse_func() when parsing a list of sampling frequencies.

Scoring

CVSS 3.19.1 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS0.51% probability of exploitation · percentile 39.5% · 2026-06-19T12:03:05Z
Published2025-10-17
Last modified2025-10-23

Underlying weaknesses· 1

CWE-125

References

  1. https://github.com/eclipse-threadx/usbx/security/advisories/GHSA-j253-w29r-9m48

1

TypeTargetConfidenceTier
WeaknessOut-of-bounds Readcwe-1250%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-55089
CVE
Linux Kernel Out-of-Bounds Read Vulnerability
CVE
Linux Kernel Out-of-Bounds Access Vulnerability
CVE
CVE-2025-59610
CVE
CVE-2025-55081
CVE
CVE-2025-55086
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.