CVE-2025-15280 | FontForge SFD File Parser use after free (ZDI-25-1188)

Inserito da Angelo Barbosa | Dic 30, 2025 | CVE

A vulnerability classified as critical was found in FontForge. The impacted element is an unknown function of the component SFD File Parser. The manipulation results in use after free.

This vulnerability is known as CVE-2025-15280. It is possible to launch the attack remotely. No exploit is available.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

CVE-2025-15280 | FontForge SFD File Parser use after free (ZDI-25-1188)

Post correlati

CVE-2024-56708 | Linux Kernel up to 5.15.173/6.1.119/6.6.63/6.11.10/6.12.1 EDAC igen6_probe memory corruption

CVE-2025-7198 | code-projects Jonnys Liquor 1.0 /admin/admin-area.php drink sql injection

CVE-2025-11727 | Omnichannel for WooCommerce Plugin up to 1.3.65 on WordPress sync cross site scripting

CVE-2023-40539 | Philips Vue PACS prior 12.2.8.410 weak password (icsma-24-200-01)