PT-2025-16387 · Pleezer · Pleezer

Madmarcsen · Published 2025-04-14 · Updated 2025-04-15 · CVE-2025-32439

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

pleezer versions prior to 0.16.0

Description

The issue arises from hook scripts in pleezer being spawned without proper process cleanup, leading to zombie processes in the system's process table. This occurs with every track change and playback event, causing resource exhaustion over time as the system's process table fills up. The problem is worsened by rapid events, whether through normal use or potential manipulation of the Deezer Connect protocol traffic.

Recommendations

For versions prior to 0.16.0, update to version 0.16.0 to resolve the issue. As a temporary workaround, consider disabling hook scripts until the update is applied. Restricting the frequency of track changes and playback state changes may also help minimize the risk of exploitation.
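
The failure mode in the description, as an added Rust illustration (not pleezer's code and not the 0.16.0 fix): a hook that is spawned and never waited on stays in the process table as a zombie, while one owned by a helper thread that waits on it is released. It assumes Linux with /proc and uses `true` as a stand-in hook; all function names are hypothetical.

```rust
// Added illustration, not pleezer's code. Linux-only: it reads /proc.
use std::fs;
use std::process::Command;
use std::thread::{self, JoinHandle};
use std::time::{Duration, Instant};

/// State letter from /proc/<pid>/stat ('Z' = zombie); None if the PID is gone.
fn proc_state(pid: u32) -> Option<char> {
    let stat = fs::read_to_string(format!("/proc/{pid}/stat")).ok()?;
    // The state field follows the parenthesised command name.
    stat.rsplit_once(')')?.1.trim_start().chars().next()
}

/// Unsafe pattern: spawn the hook and drop the handle. Nothing ever calls
/// wait(), so the exited child keeps its process-table slot.
fn run_hook_leaky(hook: &str) -> std::io::Result<u32> {
    let child = Command::new(hook).spawn()?;
    Ok(child.id()) // `child` is dropped here; dropping does not reap
}

/// Reaping pattern: a helper thread owns the child and waits on it, so the
/// caller is not blocked and the slot is released when the hook exits.
fn run_hook_reaped(hook: &str) -> std::io::Result<(u32, JoinHandle<()>)> {
    let mut child = Command::new(hook).spawn()?;
    let pid = child.id();
    let reaper = thread::spawn(move || {
        let _ = child.wait();
    });
    Ok((pid, reaper))
}

/// Poll until the process reaches state `want` or the timeout expires.
fn wait_for_state(pid: u32, want: Option<char>, timeout: Duration) -> bool {
    let start = Instant::now();
    while start.elapsed() < timeout {
        if proc_state(pid) == want { return true; }
        thread::sleep(Duration::from_millis(10));
    }
    proc_state(pid) == want
}

fn main() -> std::io::Result<()> {
    let hook = "true"; // stand-in for a hook script (assumption)
    let leaked = run_hook_leaky(hook)?;
    wait_for_state(leaked, Some('Z'), Duration::from_secs(5));
    println!("leaky  pid {leaked}: state {:?}", proc_state(leaked));
    let (pid, reaper) = run_hook_reaped(hook)?;
    reaper.join().unwrap();
    println!("reaped pid {pid}: state {:?}", proc_state(pid));
    Ok(())
}
```

Each leaked entry persists until the parent process exits, which is why a long-running player that fires a hook on every event accumulates them.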

Exploit

Fix

Weakness Enumeration

Missing Release of Resource after Effective Lifetime

Related Identifiers

CVE-2025-32439
GHSA-472W-7W45-G3W5

Affected Products

Pleezer