CVE-2025-8736

🗓️ 08 Aug 2025 19:02:06Reported by VulDBType

CVE-2025-8736:GNU cflow <=1.8; critical Lexer yylex (c.c) buffer overflow;local access;exploit public.

Reporter	Title	Published	Views	Family All 15
AlpineLinux	CVE-2025-8736	8 Aug 202519:02	–	alpinelinux
CNNVD	GNU cflow 安全漏洞	8 Aug 202500:00	–	cnnvd
CNVD	GNU cflow Buffer Overflow Vulnerability	15 Aug 202500:00	–	cnvd
Cvelist	CVE-2025-8736 GNU cflow Lexer c.c yylex buffer overflow	8 Aug 202519:02	–	cvelist
Debian CVE	CVE-2025-8736	8 Aug 202519:02	–	debiancve
EUVD	EUVD-2025-24013	3 Oct 202520:07	–	euvd
NVD	CVE-2025-8736	8 Aug 202519:15	–	nvd
OSV	DEBIAN-CVE-2025-8736	8 Aug 202519:15	–	osv
OSV	UBUNTU-CVE-2025-8736	8 Aug 202519:15	–	osv
Positive Technologies	PT-2025-32407 · Gnu +1 · Gnu Cflow +1	1 Jan 202500:00	–	ptsecurity

Vulners

Node

gnu cflowMatch1.0

gnu cflowMatch1.1

gnu cflowMatch1.2

gnu cflowMatch1.3

gnu cflowMatch1.4

gnu cflowMatch1.5

gnu cflowMatch1.6

gnu cflowMatch1.7

gnu cflowMatch1.8

[
  {
    "vendor": "GNU",
    "product": "cflow",
    "versions": [
      {
        "version": "1.0",
        "status": "affected"
      },
      {
        "version": "1.1",
        "status": "affected"
      },
      {
        "version": "1.2",
        "status": "affected"
      },
      {
        "version": "1.3",
        "status": "affected"
      },
      {
        "version": "1.4",
        "status": "affected"
      },
      {
        "version": "1.5",
        "status": "affected"
      },
      {
        "version": "1.6",
        "status": "affected"
      },
      {
        "version": "1.7",
        "status": "affected"
      },
      {
        "version": "1.8",
        "status": "affected"
      }
    ],
    "modules": [
      "Lexer"
    ]
  }
]

Source	Link
gnu	www.gnu.org/
vuldb	www.vuldb.com/
drive	www.drive.google.com/file/d/17lkJ5bSiQZoXLTg3bK-rGBt3kahN9Xse/view
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
lists	www.lists.gnu.org/archive/html/bug-cflow/2025-07/msg00001.html

29 Apr 2026 01:00Current

5.3Medium risk

Vulners AI Score5.3

CVSS 24.3

CVSS 44.8

CVSS 3.15.3

CVSS 35.3

EPSS0.00071

SSVC

cve-2025-8736;cflow;lexer;yylex;buffer overflow