CVE-2025-15571 | ckolivas lrzip up to 0.651 stream.c ucompthread null pointer dereference (Issue 263)

Inserito da Angelo Barbosa | Feb 8, 2026 | CVE

A vulnerability described as problematic has been identified in ckolivas lrzip up to 0.651. This vulnerability affects the function ucompthread of the file stream.c. Such manipulation leads to null pointer dereference.

This vulnerability is referenced as CVE-2025-15571. The attack can only be performed from a local environment. Furthermore, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2025-15571 | ckolivas lrzip up to 0.651 stream.c ucompthread null pointer dereference (Issue 263)

Post correlati

CVE-2024-3130 | CoolKIt eWeLink App prior 5.4.x on Android/iOS hard-coded credentials

CVE-2025-52926 | spytrap-org spytrap-adb up to 0.3.4 Interactive User Interface scan.rs omission of security-relevant information (EUVD-2025-18859)

CVE-2024-8772 | AXIS OS up to 12.0 VAPIX API managedoverlayimages.cgi improper validation of syntactic correctness of input

CVE-2024-39407 | Adobe Commerce/Magento Open Source up to 2.4.4-p9/2.4.5-p8/2.4.6-p6/2.4.7-p1 improper authorization (apsb24-61)