HIGH 7.8
CVE-2025-65086
An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed.
CVSS v3
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected tracked apps
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| ashlar |
lithium All platforms (wildcard)
|
All platforms (wildcard) | ≤12.6.1204.216 | cpe:2.3:a:ashlar:lithium:*:*:*:*:*:*:*:* |
| ashlar |
xenon All platforms (wildcard)
|
All platforms (wildcard) | ≤12.6.1204.216 | cpe:2.3:a:ashlar:xenon:*:*:*:*:*:*:*:* |