2 matches found
CVE-2025-67873
Capstone CVE-2025-67873 affects the disassembly framework in 6.0.0-Alpha5 and earlier. A missing bounds check on a user-provided skipdata callback allows memcpy beyond 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly path. The exploit path and impact are described in...
CVE-2025-68114
Capstone CVE-2025-68114 affects Capstone 6.0.0-Alpha5 and earlier. The vulnerability arises from an unchecked return value from vsnprintf in SStream_concat, which can drive SStream’s index negative or past the end and cause a stack buffer underflow/overflow on the next write. The issue has a fixe...