CVE-2025-11011

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions BehaviorTree versions prior to 4.7.0

Description A flaw exists in BehaviorTree due to a null pointer dereference in the JsonExporter::fromJson function located in /src/json export.cpp. Manipulation of the Source argument triggers this issue. The exploit is publicly available and requires local access.

Recommendations Install the patch 4b23dcaf0ce951a31299ebdd61df69f9ce99a76d to address this issue.

Exploit

Fix

Improper Resource Release

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-476

Related Identifiers

CVE-2025-11011

Affected Products

Behaviortree

CVE-2025-11011

Weakness Enumeration

Related Identifiers

Affected Products

References · 16