CVE-2025-30309

Name of the Vulnerable Software and Affected Versions: XMP Toolkit versions 2023.12 and earlier

Description: The issue is an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. To exploit this issue, user interaction is required, where a victim must open a malicious file.

Recommendations: For versions 2023.12 and earlier, update to a version that contains a fix for this issue to prevent exploitation. As a temporary workaround, consider avoiding the opening of files from untrusted sources until a patch is available.