CVE Catalog

CVE-2025-14087

MediumCVSS 5.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
0.77%

51th percentile - higher than 51% of all known CVEs

Summary

A flaw in GLib (Gnome Lib) allows a remote attacker to cause heap corruption via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings, leading to denial of service or potential code execution.

Risk Assessment

The organization faces denial of service attacks and potential remote code execution, which could disrupt services or lead to system compromise.

Recommendation

Immediately update GLib to the latest patched version and monitor systems for unusual activity.

Original NVD description (English source)

A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS