← back
CVE-2025-15564

Mapnik value.cpp operator divide by zero

CVSS 4.8 MEDIUMEPSS 0.2%CWE-369CWE-404
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.8EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
07 Feb 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability has been found in Mapnik up to 4.2.0. This vulnerability affects the function mapnik::detail::mod<...>::operator of the file src/value.cpp. The manipulation leads to divide by zero. The attack needs to be performed locally. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
Affected products
n/a · Mapnik

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/mapnik/mapnik/https://github.com/mapnik/mapnik/issues/4545https://github.com/oneafter/1219/blob/main/reprohttps://vuldb.com/?ctiid.344502https://vuldb.com/?id.344502https://vuldb.com/?submit.743386