Apache · Apache Nuttx · CVE-2025-47868
**Name of the Vulnerable Software and Affected Versions**
Apache NuttX versions 6.9 through 12.9.0
**Description**
An Out-of-bounds Write resulting in a possible Heap-based Buffer Overflow issue was discovered in the tools/bdf-converter font conversion utility, which is part of the Apache NuttX RTOS repository. This utility is optional and not part of the NuttX RTOS or Applications runtime. However, active users of bdf-converter may be affected when the tool is exposed to external user data.
**Recommendations**
For Apache NuttX versions 6.9 through 12.9.0, upgrade to version 12.9.0 to fix the issue.