EUVD-2025-24013

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Critical vuln in GNU cflow 1.8; yylex in c.c Lexer buffer overflow; local access; exploit public.

Reporter	Title	Published	Views	Family All 15
AlpineLinux	CVE-2025-8736	8 Aug 202519:02	–	alpinelinux
CNNVD	GNU cflow 安全漏洞	8 Aug 202500:00	–	cnnvd
CNVD	GNU cflow Buffer Overflow Vulnerability	15 Aug 202500:00	–	cnvd
CVE	CVE-2025-8736	8 Aug 202519:02	–	cve
Cvelist	CVE-2025-8736 GNU cflow Lexer c.c yylex buffer overflow	8 Aug 202519:02	–	cvelist
Debian CVE	CVE-2025-8736	8 Aug 202519:02	–	debiancve
NVD	CVE-2025-8736	8 Aug 202519:15	–	nvd
OSV	DEBIAN-CVE-2025-8736	8 Aug 202519:15	–	osv
OSV	UBUNTU-CVE-2025-8736	8 Aug 202519:15	–	osv
Positive Technologies	PT-2025-32407 · Gnu +1 · Gnu Cflow +1	1 Jan 202500:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "a8eafcf6-da0e-398a-ad36-a9ae40649e5c",
        "vendor": {
          "name": "GNU"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "084c33f5-a77c-3657-a105-1761fcfd584b",
        "product": {
          "name": "cflow"
        },
        "product_version": "1.1"
      },
      {
        "id": "08a6ef8c-6eca-327d-a2a7-2f9293f9d51f",
        "product": {
          "name": "cflow"
        },
        "product_version": "1.2"
      },
      {
        "id": "11d1cbbc-c7a7-3ddb-a822-951c10920c2c",
        "product": {
          "name": "cflow"
        },
        "product_version": "1.3"
      },
      {
        "id": "400d29bb-468b-3d3a-b843-3eced4b91f15",
        "product": {
          "name": "cflow"
        },
        "product_version": "1.4"
      },
      {
        "id": "4779691f-1f2b-3bd5-ad1a-e36ae54dcfae",
        "product": {
          "name": "cflow"
        },
        "product_version": "1.8"
      },
      {
        "id": "938b99fc-f508-36b5-881c-bd333fd0e253",
        "product": {
          "name": "cflow"
        },
        "product_version": "1.0"
      },
      {
        "id": "a4bc989e-e664-3c9d-8630-97a66a9768f9",
        "product": {
          "name": "cflow"
        },
        "product_version": "1.6"
      },
      {
        "id": "acd362e5-2420-31a5-ba3e-1f87fe9bdc87",
        "product": {
          "name": "cflow"
        },
        "product_version": "1.7"
      },
      {
        "id": "be4bdd6d-d128-34c4-8a3e-7bc44ec06669",
        "product": {
          "name": "cflow"
        },
        "product_version": "1.5"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
lists	www.lists.gnu.org/archive/html/bug-cflow/2025-07/msg00001.html
drive	www.drive.google.com/file/d/17lkJ5bSiQZoXLTg3bK-rGBt3kahN9Xse/view
gnu	www.gnu.org/

03 Oct 2025 20:07Current

5.4Medium risk

Vulners AI Score5.4

CVSS 44.8

CVSS 24.3

CVSS 3.15.3

CVSS 35.3

EPSS0.00071

SSVC

critical vulnerability; gnu cflow 1.8; yylex function; buffer overflow; local access required; exploit disclosed