Sqlite · Sqlite · CVE-2025-7458
**Name of the Vulnerable Software and Affected Versions**
SQLite versions 3.39.2 through 3.41.1
**Description**
An integer overflow in the `sqlite3KeyInfoFromExprList` function allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a large number of expressions in the ORDER BY clause.
**Recommendations**
Update to a version later than 3.41.1.