CVE-2025-11017

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions OGRECave Ogre versions prior to 14.4.1

Description A flaw exists in OGRECave Ogre that allows for a null pointer dereference. This occurs due to manipulation of the mDefaultLog argument within the Ogre::LogManager::stream function, located in the file /ogre/OgreMain/src/OgreLogManager.cpp. The issue is exploitable from a local position and the exploit is publicly available.

Recommendations Update to a version newer than 14.4.1.

Exploit

Fix

Improper Resource Release

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-476

Related Identifiers

CVE-2025-11017

Affected Products

Debian

Ogrecave Ogre

CVE-2025-11017

Weakness Enumeration

Related Identifiers

Affected Products

References · 16