CVE-2025-3408

Name of the Vulnerable Software and Affected Versions: Nothings stb up to f056911

Description: A critical issue was found in Nothings stb, affecting the stb dupreplace function. The manipulation leads to integer overflow, and the attack may be launched remotely. The product uses continuous delivery with rolling releases, so no version details of affected or updated releases are available. The vendor was contacted early about this disclosure but did not respond.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.