← back
CVE-2025-59418

BunnyPad Vulnerable to Buffer Overflow When Opening Files of Size 20MB or Greater

CVSS 5.5 MEDIUMEPSS 0.2%CWE-770
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.5EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
22 Sep 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
BunnyPad is a note taking software. Prior to version 11.0.27000.0915, opening files greater than or equal to 20MB causes buffer overflow to occur. This issue has been patched in version 11.0.27000.0915. Users who wish not to upgrade should refrain from opening files larger than 10MB.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H