CVE-2025-40843

{"id": "CVE-2025-40843", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.5}]}, "published": "2025-10-28T19:15:41.757", "references": [{"url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-5xf2-f6ch-6p8r", "source": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \n\n\n\n\nCodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger\u00a0library, which is executed by the CodeChecker log\u00a0command.\n\n\n\n\n\nThis issue affects CodeChecker: through 6.26.1."}], "lastModified": "2025-10-30T15:05:32.197", "sourceIdentifier": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf"}