A vulnerability, which was classified as critical, has been found in DjvuNet DjVuLibre up to 3.5.28. This issue affects the function
MMRDecoder::scanruns
. The manipulation leads to out-of-bounds write.
The identification of this vulnerability is CVE-2025-53367. The attack may be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.