CVE-2025-66865

⚠️ high

Summary

An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

CVSS Score

7.5

High

EPSS Score

0.1

Exploit Probability

Published Date

2025-12-29

First Seen: 2026-01-05

Last Modified 2026-01-14

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE IDs (Weakness Types)

CWE-121

🔗 References 1

https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfil...

Exploit Third Party Advisory

📦 Affected Products 1

Vendor	Product	Status	Affected Versions
gnu	binutils	Affected	v2.26

🔗 Related CVEs 6

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2025-66861	ℹ️ low	2.5	0.0	An issue was discovered in function d_unqualified_name in file cp-demangle.c in BinUtils 2.26 allowing attackers to caus...	2025-12-29
CVE-2025-66862	⚠️ high	7.5	0.1	A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a...	2025-12-29
CVE-2025-66863	⚠️ high	7.5	0.1	An issue was discovered in function d_discriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a d...	2025-12-29
CVE-2025-66864	⚠️ high	7.5	0.0	An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause ...	2025-12-29
CVE-2025-66866	⚠️ high	7.5	0.0	An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial...	2025-12-29
CVE-2025-11839	ℹ️ low	3.3	0.0	A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Perf...	2025-10-16

These CVEs affect the same products