← back
CVE-2018-25154

GNU Barcode 0.99 Buffer Overflow in Code 93 Encoding Mechanism

CVSS 8.5 HIGHEPSS 0.3%CWE-787
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.5EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
24 Dec 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
GNU Barcode 0.99 contains a buffer overflow vulnerability in its code 93 encoding process that allows attackers to trigger memory corruption. Attackers can exploit boundary errors during input file processing to potentially execute arbitrary code on the affected system.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N