CVE-2025-66287

⚠️ high

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.

CVSS Score

8.8

High

EPSS Score

0.1

Exploit Probability

Published Date

2025-12-04

First Seen: 2026-01-05

Last Modified 2025-12-22

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE IDs (Weakness Types)

CWE-120

🔗 References 14

Vendor	Product	Status	Affected Versions
red_hat	red_hat_enterprise_linux_6	Affected	All versions
the_webkitgtk_team	webkitgtk	Affected	< 2.50.3

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2025-14512	🔶 medium	6.5	0.1	A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer ov...	2025-12-11
CVE-2025-14087	🔶 medium	5.6	0.3	A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a...	2025-12-10
CVE-2025-12744	⚠️ high	8.8	0.0	A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from...	2025-12-03
CVE-2025-13502	⚠️ high	7.5	0.1	A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, lea...	2025-11-25
CVE-2025-13193	🔶 medium	5.5	0.0	A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, ma...	2025-11-17
CVE-2025-12748	🔶 medium	5.5	0.1	A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files w...	2025-11-11

These CVEs affect the same products