CVE-2025-65086

Summary

An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed.

Affected Software

VendorProductVersion RangeStatus
Ashlar-VellumCobalt0 <= 12.6.1204.216affected
Ashlar-VellumXenon0 <= 12.6.1204.216affected
Ashlar-VellumArgon0 <= 12.6.1204.216affected
Ashlar-VellumLithium0 <= 12.6.1204.216affected
Ashlar-VellumCobalt Share0 <= 12.6.1204.216affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds write

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References