vulnerability context

CVE-2025-6965

CVSS 9.8 CRITICALEPSS 83%CWE-197

There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.

Published 2025-07-15 · last modified 2026-04-14

details

CISA KEV status: Not in catalog
CVSS v3: 9.8 / CRITICAL
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 83% percentile (score 0.0169)
CWE: CWE-197

View on NVD → · cve.org

source mentions 2

[boredchilada] ~Cisa~ Critical SQLite flaws in ABB B&R Automation Studio <6.5 risk RCE & data exposure. Update to v6.5. - IOCs: CV...Bluesky · 16d ago
CVE-2025-6965 Integer Truncation on SQLiteMSRC Update Guide · 28d ago

source consensus

Bluesky1×
MSRC Update Guide1×

Want the 3-bullet summary of CVE-2025-6965, plus webhook alerts when KEV is updated? Pro is $10/mo.

Open in reader See Pro →