CVE-2025-2760

Risk Scores

Affected Products

Exploit Intelligence

• CIRCL seen: CVE-2025-2760 (circl-sighting)
• CIRCL seen: CVE-2025-2760 (circl-sighting)
• https://lists.debian.org/debian-lts-announce/2025/10/msg00022.html (circl)
• ZDI-25-203 (circl)

Timeline

• Apr 7, 2025 PoC Published
• Apr 7, 2025 CVE Published
• Apr 24, 2025 EPSS Score
• May 6, 2025 EPSS Score
• May 18, 2025 EPSS Score
• May 30, 2025 EPSS Score
• Jun 2, 2025 PoC Published
• Jun 24, 2025 EPSS Score
• Jul 6, 2025 EPSS Score
• Jul 18, 2025 EPSS Score
• Jul 30, 2025 EPSS Score
• Aug 11, 2025 EPSS Score

References

• https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0734.json advisory
• https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0734 advisory
• https://www.zerodayinitiative.com/advisories/ZDI-25-203/ advisory
• https://www.zerodayinitiative.com/advisories/ZDI-25-204/ advisory
• https://gitlab.gnome.org/GNOME/gimp/-/issues/13073 advisory
• https://gitlab.gnome.org/GNOME/gimp/-/issues/12790 advisory
• https://lists.suse.com/pipermail/sle-security-updates/2025-May/020825.html advisory
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/O5JWJRWHYBUC66N5GJFKX2LXBMR3MO46/ advisory
• https://lists.suse.com/pipermail/sle-security-updates/2025-June/021421.html advisory
• https://lists.debian.org/debian-security-announce/2025/msg00103.html advisory
• https://alas.aws.amazon.com/AL2/ALAS2GIMP-2025-001.html advisory
• https://lists.suse.com/pipermail/sle-security-updates/2025-September/022390.html advisory
• https://security-tracker.debian.org/tracker/DSA-6043-1 advisory
• https://ubuntu.com/security/notices/USN-8057-1 advisory
• https://ubuntu.com/security/notices/USN-8075-1 advisory