VDB
DEBIAN-CVE-2025-69720
DEBIAN-CVE-2025-69720
PUBLISHED
CVSS 7.800000190734863 HIGH
The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | ncurses | *, 6.4-4, * |
| Debian:13 | ncurses | 6.6+20251231, 6.5+20250216-2, 6.5+20251115-1 |
| Debian:12 | ncurses | 6.4-4, 6.4+20240113, 6.4+20231209 |
| Debian:14 | ncurses | 6.5+20250216-2, 6.5+20251115-1, 6.5+20251115-2 |
Exploit Intelligence
- Advisory for CVE-2025-69720: stack-based buffer overflow in GNU ncurses infocmp (CWE-121) (github-poc-repo)
- Advisory for CVE-2025-69720: stack-based buffer overflow in GNU ncurses infocmp (CWE-121) (github-poc)
- dhi-victoriametrics-vmstorage.vex.json (github-poc)
- dhi-istioctl.vex.json (github-poc)
- .trivyignore.yml (github-poc)
- .trivyignore.yml (github-poc)
- .trivyignore.yml (github-poc)
- dockerscan.yml (github-poc)
- .trivyignore.yaml (github-poc)
Timeline
- Mar 19, 2026 CVE Published
- Apr 28, 2026 CVE Updated