CVEFinder.io

CVE-2025-65085

⛔ critical
🔍 Scan for this CVE
Summary

A Heap-based Buffer Overflow vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.207 and prior that could allow an attacker to disclose information or execute arbitrary code.

CVSS Score
9.8
Critical
EPSS Score
0.1
Exploit Probability
Published Date
2025-11-25
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is Very High Risk - more severe than 90.4% of all 321,566 vulnerabilities in our database.

#30,777
Top 10% most severe
Severity Percentile
Last Modified 2025-11-28
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Vector 4.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE IDs (Weakness Types)
CWE-122

📦 Affected Products 5

Vendor Product Status Affected Versions
ashlar cobalt Affected
≤ 12.2.1204.207
ashlar xenon Affected
≤ 12.2.1204.207
ashlar argon Affected
≤ 12.2.1204.207
ashlar lithium Affected
≤ 12.2.1204.207
ashlar cobalt_share Affected
≤ 12.2.1204.207

🔗 References 1

https://www.cisa.gov/news-events/ics-advisories/icsa...
Third Party Advisory US Government Resource

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2025-65086 ⚠️ high 7.8 0.0 An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share version... 2026-05-12
CVE-2025-65087 ⚠️ high 7.8 0.0 An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions... 2026-05-12
CVE-2025-65088 ⚠️ high 7.8 0.0 An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions... 2026-05-12
CVE-2025-65084 ⛔ critical 9.8 0.1 An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share version... 2025-11-25
CVE-2025-11463 ⚠️ high 7.8 0.1 Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows rem... 2025-10-29
CVE-2025-11464 ⚠️ high 7.8 0.1 Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability ... 2025-10-29
These CVEs affect the same products