CVE-2025-6141
3.3 LOWA vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic
Published: 2025-06-16 · Last updated: 2026-06-02
Severity and scoring
- CVSS
- 3.3 LOW
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
- CWE
- CWE-119, CWE-121
Description
A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2025-6141
- [Other]https://invisible-island.net/ncurses/NEWS.html#index-t20250329
- [Other]https://lists.gnu.org/archive/html/bug-ncurses/2025-03/msg00107.html
- [Other]https://lists.gnu.org/archive/html/bug-ncurses/2025-03/msg00109.html
- [Other]https://lists.gnu.org/archive/html/bug-ncurses/2025-03/msg00114.html
- [Other]https://vuldb.com/?ctiid.312610
- [Other]https://vuldb.com/?id.312610
- [Other]https://vuldb.com/?submit.593000
- [Other]https://www.gnu.org/
- [Other]https://cert-portal.siemens.com/productcert/html/ssa-089022.html
- [Other]https://cert-portal.siemens.com/productcert/html/ssa-253495.html
Related CVEs
Same CWE
- CVE-2026-49760 — Stack-based Buffer Overflow vulnerability in Erlang OTP (erl_interface) allows Stack-based Buffer Overflow
- CVE-2026-49759 — Stack-based Buffer Overflow vulnerability in Erlang OTP erts (inet_drv) allows an unauthenticated remote attacker to crash the BEAM VM by...
- CVE-2026-26241 — A buffer overflow vulnerability has been reported to affect File Station 5
- CVE-2026-26240 — A buffer overflow vulnerability has been reported to affect File Station 5
- CVE-2026-26239 — A buffer overflow vulnerability has been reported to affect File Station 5