CVE-2025-11015

Summary

A weakness has been identified in OGRECave Ogre up to 14.4.1. Impacted is the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp. This manipulation causes mismatched memory management routines. The attack is restricted to local execution. The exploit has been made available to the public and could be exploited.

Affected Software

VendorProductVersion RangeStatus
OGRECaveOgre14.4.0affected
OGRECaveOgre14.4.1affected

Weaknesses

  • CWE-762: Mismatched Memory Management Routines
  • CWE-119: Memory Corruption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References