Zero Day MonitorZDM

CVE-2025-69720: The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c. — Zero Day Monitor

← Back to list

7.3

CVE-2025-69720

invisible-island · ncurses

The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.

Description

The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.

Affected Products

Vendor	Product	Versions
invisible-island	ncurses	<= 6.4

References

https://github.com/Cao-Wuhui/CVE-2025-69720(Exploit, Third Party Advisory)
https://invisible-island.net/archives/ncurses/6.5/(Release Notes)
https://invisible-island.net/ncurses/(Product)
https://marc.info/?l=ncurses-bug&m=176539968328570&w=2(Issue Tracking, Mailing List, Vendor Advisory)
https://marc.info/?l=ncurses-bug&m=176540731801330&w=2(Issue Tracking, Mailing List, Vendor Advisory)
https://marc.info/?l=ncurses-bug&m=176545557728083&w=2(Issue Tracking, Mailing List, Vendor Advisory)

Related News (1 articles)

Tier B

CERT-FR9d ago

Multiples vulnérabilités dans les produits Microsoft (30 mars 2026)

→ No new info (linked only)

CVSS 3.17.3 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

CISA KEV❌ No

Actively exploited❌ No

CWECWE-121, CWE-120

PublishedMar 19, 2026

Last enriched7d ago

Trending Score7

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet