CVE-2025-69195 · HIGH 8.8 · EPSS p20.6%

Description

A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted URL, which, upon user interaction with wget2, can lead to memory corruption. This can cause the application to crash and potentially allow for further malicious activities.

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.29% probability of exploitation · percentile 20.6% · 2026-06-18T12:00:27Z
Published: 2026-01-09
Last modified: 2026-03-05

Underlying weaknesses · 1

CWE-121

References

  1. https://access.redhat.com/security/cve/CVE-2025-69195
  2. https://bugzilla.redhat.com/show_bug.cgi?id=2425770

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | Stack-based Buffer Overflow (cwe-121) | 0% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE: CVE-2025-69194
  2. CVE: CVE-2025-7039
  3. CVE: CVE-2025-70314
  4. CVE: CVE-2025-14512
  5. CVE: CVE-2025-60876
  6. CVE: CVE-2025-59295

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.