CVE-2025-66861

ℹ️ low

Summary

An issue was discovered in function d_unqualified_name in file cp-demangle.c in BinUtils 2.26 allowing attackers to cause a denial of service via crafted PE file.

CVSS Score

2.5

Low

EPSS Score

0.0

Exploit Probability

Published Date

2025-12-29

First Seen: 2026-01-05

Last Modified 2026-01-14

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

CWE IDs (Weakness Types)

CWE-400

🔗 References 2

https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfil...

Exploit Third Party Advisory

https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfil...

Exploit Third Party Advisory

📦 Affected Products 1

Vendor	Product	Status	Affected Versions
gnu	binutils	Affected	v2.26

🔗 Related CVEs 6

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2025-66862	⚠️ high	7.5	0.1	A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a...	2025-12-29
CVE-2025-66863	⚠️ high	7.5	0.1	An issue was discovered in function d_discriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a d...	2025-12-29
CVE-2025-66864	⚠️ high	7.5	0.0	An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause ...	2025-12-29
CVE-2025-66865	⚠️ high	7.5	0.1	An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause ...	2025-12-29
CVE-2025-66866	⚠️ high	7.5	0.0	An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial...	2025-12-29
CVE-2025-11839	ℹ️ low	3.3	0.0	A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Perf...	2025-10-16

These CVEs affect the same products