CVE-2025-52584 | Ashlar-Vellum Cobalt/Xenon/Argon/Lithium/Cobalt Share prior 12.6.1204.204 XE File Parser heap-based overflow (icsa-25-224-01)

Inserito da Angelo Barbosa | Ago 12, 2025 | CVE

A vulnerability classified as critical was found in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium and Cobalt Share. Affected by this vulnerability is an unknown functionality of the component XE File Parser. The manipulation leads to heap-based buffer overflow.

This vulnerability is known as CVE-2025-52584. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-52584 | Ashlar-Vellum Cobalt/Xenon/Argon/Lithium/Cobalt Share prior 12.6.1204.204 XE File Parser heap-based overflow (icsa-25-224-01)

Post correlati

CVE-2024-4895 | wpDataTables Plugin up to 3.4.2.12 on WordPress CSV Import cross site scripting

CVE-2024-10265 | 10Web Form Maker Plugin up to 1.15.30 on WordPress add_query_arg cross site scripting

CVE-2024-0551 | mintplex-labs anything-llm up to 0.0.x Export access control

CVE-2024-49779 | IBM OpenPages with Watson 8.3/9.0 Session ID Cookie cross-site request forgery