Lucene search
+L

(0Day) Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability

🗓️ 16 Oct 2025 00:00:00Reported by Rocco Calvi (@TecR0c) with TecSecurityType 
zdi
 zdi
🔗 www.zerodayinitiative.com👁 7 Views

Ashlar-Vellum Cobalt CO file parsing use-after-free enables remote code execution after opening a malicious file or page.

Related
ReporterTitlePublishedViews
Family
Circl
CVE-2025-11465
16 Oct 202503:00
circl
CNNVD
Ashlar-Vellum Cobalt 资源管理错误漏洞
29 Oct 202500:00
cnnvd
CVE
CVE-2025-11465
29 Oct 202519:44
cve
Cvelist
CVE-2025-11465 Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability
29 Oct 202519:44
cvelist
EUVD
EUVD-2025-36702
29 Oct 202521:30
euvd
NVD
CVE-2025-11465
29 Oct 202520:15
nvd
OSV
CVE-2025-11465
29 Oct 202520:15
osv
RedhatCVE
CVE-2025-11465
30 Oct 202520:16
redhatcve
Vulnrichment
CVE-2025-11465 Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability
29 Oct 202519:44
vulnrichment

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

16 Oct 2025 00:00Current
7.2High risk
Vulners AI Score7.2
CVSS 37.8
EPSS0.00193
7