CVE-2025-9900 · HIGH 8.8 · EPSS p49.7%

CVE-2025-9900

Description

A flaw was found in libtiff. The vulnerability is a write-what-where condition (CWE-123) triggered when the library processes a specially crafted TIFF image. By declaring an abnormally large image height in the file's metadata, an attacker can make the library write attacker-controlled color data to an arbitrary memory location. The resulting memory corruption can be exploited for denial of service (application crash) or arbitrary code execution with the privileges of the user running the affected application.
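The bug class described above, as an added illustration that is not libtiff's code and not an exploit for this CVE: a constructed toy decoder whose header carries an image height and whose body carries one color byte per pixel. The unchecked variant sizes its copy from the untrusted height alone, so a header that claims more rows than the destination holds spills attacker-chosen color bytes over whatever sits after the buffer; the hardened variant bounds the declared height against the buffer the caller actually owns and guards the size arithmetic against overflow before writing anything. The format, constants and function names are all assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy format (NOT TIFF): 4-byte little-endian height, then
 * WIDTH bytes of color per row. Sizes below are arbitrary for the demo. */
#define WIDTH       4u
#define DST_ROWS    8u                     /* rows the destination really holds */
#define DST_BYTES   (DST_ROWS * WIDTH)     /* 32 bytes */
#define ARENA_BYTES 128u                   /* destination + neighbouring data */
#define CANARY      0xA5                   /* marks the neighbouring data */

static uint32_t read_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Vulnerable pattern: the copy size comes from the file's height field and is
 * only checked against the *source* length, never against the destination.
 * On a 32-bit build height * WIDTH can also wrap, which is the same class. */
int decode_unchecked(uint8_t *dst, const uint8_t *file, size_t file_len) {
    if (file_len < 4) return -1;
    uint32_t height = read_le32(file);
    size_t need = (size_t)height * WIDTH;
    if (file_len - 4 < need) return -1;
    for (uint32_t r = 0; r < height; r++)
        memcpy(dst + (size_t)r * WIDTH, file + 4 + (size_t)r * WIDTH, WIDTH);
    return (int)height;
}

/* Hardened pattern: reject a height that cannot fit the caller's buffer, and
 * check the multiplication for overflow before trusting its result. */
int decode_checked(uint8_t *dst, size_t dst_len,
                   const uint8_t *file, size_t file_len) {
    if (file_len < 4) return -1;
    uint32_t height = read_le32(file);
    if (height == 0 || height > SIZE_MAX / WIDTH) return -1;  /* overflow guard */
    size_t need = (size_t)height * WIDTH;
    if (need > dst_len) return -1;       /* declared geometry vs real buffer */
    if (file_len - 4 < need) return -1;  /* truncated pixel data */
    memcpy(dst, file + 4, need);
    return (int)height;
}

/* Builds a crafted file claiming `height` rows, every pixel set to `color`. */
static size_t build_file(uint8_t *out, size_t out_len, uint32_t height, uint8_t color) {
    size_t body = (size_t)height * WIDTH;
    if (out_len < 4 + body) return 0;
    out[0] = (uint8_t)height; out[1] = (uint8_t)(height >> 8);
    out[2] = (uint8_t)(height >> 16); out[3] = (uint8_t)(height >> 24);
    memset(out + 4, color, body);
    return 4 + body;
}

/* Decodes the crafted file into an arena whose first DST_BYTES are the real
 * buffer; returns how many bytes *after* that buffer were overwritten. The
 * arena is sized so the demo itself never writes out of bounds. */
static size_t run(int use_checked, uint32_t height, uint8_t color, int *verdict) {
    uint8_t arena[ARENA_BYTES];
    uint8_t file[4 + ARENA_BYTES];
    memset(arena, CANARY, sizeof arena);
    size_t file_len = build_file(file, sizeof file, height, color);
    if (file_len == 0) { *verdict = -2; return 0; }  /* too big for the demo arena */
    *verdict = use_checked ? decode_checked(arena, DST_BYTES, file, file_len)
                           : decode_unchecked(arena, file, file_len);
    size_t clobbered = 0;
    for (size_t i = DST_BYTES; i < ARENA_BYTES; i++)
        if (arena[i] != CANARY) clobbered++;
    return clobbered;
}

size_t bytes_clobbered(int use_checked, uint32_t height, uint8_t color) {
    int v; return run(use_checked, height, color, &v);
}

int decode_verdict(int use_checked, uint32_t height) {
    int v; run(use_checked, height, 0x41, &v); return v;
}

int main(void) {
    /* Header claims 12 rows, the buffer holds 8: 16 bytes land past it. */
    printf("unchecked: %zu neighbour bytes overwritten\n", bytes_clobbered(0, 12, 0x41));
    printf("checked:   %zu neighbour bytes overwritten, verdict %d\n",
           bytes_clobbered(1, 12, 0x41), decode_verdict(1, 12));
    return 0;
}
```

The bytes that land past the buffer are exactly the color values the attacker placed in the file, which is what makes the primitive a write of chosen data rather than a plain crash; the fix is not a larger buffer but refusing geometry the destination cannot hold before the first write.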

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (network-reachable, low complexity, no privileges, user interaction required, unchanged scope, high impact on confidentiality, integrity and availability)
EPSS: 0.74% probability of exploitation · percentile 49.7% · as of 2026-06-19T12:03:05Z
Published: 2025-09-23
Last modified: 2026-04-20

Underlying weaknesses · 1

CWE-123 (Write-what-where Condition)

References

  1. https://access.redhat.com/errata/RHSA-2025:17651
  2. https://access.redhat.com/errata/RHSA-2025:17675
  3. https://access.redhat.com/errata/RHSA-2025:17710
  4. https://access.redhat.com/errata/RHSA-2025:17738
  5. https://access.redhat.com/errata/RHSA-2025:17739
  6. https://access.redhat.com/errata/RHSA-2025:17740
  7. https://access.redhat.com/errata/RHSA-2025:19113
  8. https://access.redhat.com/errata/RHSA-2025:19156

Type      Target                                Confidence  Tier
Weakness  Write-what-where Condition (cwe-123)  0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2026-4775
  2. CVE-2023-52356
  3. CVE-2026-46599
  4. CVE-2025-43961
  5. CVE-2026-5201
  6. CVE-2026-21413
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.