{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T05:11:13.055","vulnerabilities":[{"cve":{"id":"CVE-2025-52930","sourceIdentifier":"talos-cna@cisco.com","published":"2025-08-25T15:15:40.627","lastModified":"2025-11-03T19:16:07.777","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to convince the library to read a file to trigger this vulnerability."},{"lang":"es","value":"Existe una vulnerabilidad de corrupción de memoria en la función BMPv3 RLE Decoding de SAIL Image Decoding Library v0.9.8. Al descomprimir los datos de imagen de un archivo .bmp especialmente manipulado, puede producirse un desbordamiento de búfer en el montón, lo que permite la ejecución remota de código. Un atacante deberá convencer a la librería para que lea un archivo para activar esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-680"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sail:sail:0.9.8:*:*:*:*:*:*:*","matchCriteriaId":"BDFCF91A-2A3D-45C6-A8C3-DD90A646BDAA"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2025-2221","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2221","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}