CVE-2025-65088

Summary

An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed.

Affected Software

VendorProductVersion RangeStatus
Ashlar-VellumCobalt0 <= 12.6.1204.216affected
Ashlar-VellumXenon0 <= 12.6.1204.216affected
Ashlar-VellumArgon0 <= 12.6.1204.216affected
Ashlar-VellumLithium0 <= 12.6.1204.216affected
Ashlar-VellumCobalt Share0 <= 12.6.1204.216affected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References