CVE-2025-15535

A security flaw has been discovered in nicbarker clay up to 0.14. This affects the function Clay__MeasureTextCached in the library clay.h. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

CVSS v3 3.3 LOW
CVSS v2.0 1.7 LOW

3.3^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

1.7^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:S/C:N/I:N/A:P

Exploitability : 3.1 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://github.com/nicbarker/clay/
https://github.com/nicbarker/clay/issues/566
https://github.com/oneafter/1215/blob/main/repro
https://vuldb.com/?ctiid.341707
https://vuldb.com/?id.341707
https://vuldb.com/?submit.733346

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Una falla de seguridad ha sido descubierta en nicbarker clay hasta la versión 0.14. Esto afecta la función Clay__MeasureTextCached en la librería clay.h. La manipulación resulta en desreferencia de puntero nulo. El ataque solo es posible con acceso local. El exploit ha sido liberado al público y puede ser utilizado para ataques. El proyecto fue informado del problema tempranamente a través de un informe de problema pero aún no ha respondido.

23 Feb 2026, 09:16

Type	Values Removed	Values Added
References		() https://github.com/nicbarker/clay/ -

18 Jan 2026, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-01-18 08:15

Updated : 2026-04-29 01:00

NVD link : CVE-2025-15535

Mitre link : CVE-2025-15535

CVE.ORG link : CVE-2025-15535

JSON object : View

Products Affected

No product.

CWE

CWE-404

Improper Resource Shutdown or Release

CWE-476

NULL Pointer Dereference

{"id": "CVE-2025-15535", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"version": "2.0", "baseScore": 1.7, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.8}], "cvssMetricV40": [{"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 1.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "PROOF_OF_CONCEPT", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-01-18T08:15:49.057", "references": [{"url": "https://github.com/nicbarker/clay/", "source": "cna@vuldb.com"}, {"url": "https://github.com/nicbarker/clay/issues/566", "source": "cna@vuldb.com"}, {"url": "https://github.com/oneafter/1215/blob/main/repro", "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?ctiid.341707", "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?id.341707", "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?submit.733346", "source": "cna@vuldb.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "cna@vuldb.com", "description": [{"lang": "en", "value": "CWE-404"}, {"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in nicbarker clay up to 0.14. This affects the function Clay__MeasureTextCached in the library clay.h. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet."}, {"lang": "es", "value": "Una falla de seguridad ha sido descubierta en nicbarker clay hasta la versi\u00f3n 0.14. Esto afecta la funci\u00f3n Clay__MeasureTextCached en la librer\u00eda clay.h. La manipulaci\u00f3n resulta en desreferencia de puntero nulo. El ataque solo es posible con acceso local. El exploit ha sido liberado al p\u00fablico y puede ser utilizado para ataques. El proyecto fue informado del problema tempranamente a trav\u00e9s de un informe de problema pero a\u00fan no ha respondido."}], "lastModified": "2026-04-29T01:00:01.613", "sourceIdentifier": "cna@vuldb.com"}