CVE-2025-66864

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions BinUtils version 2.26

Description A flaw exists in the d print comp inner function within the cp-demangle.c file of BinUtils. This issue allows attackers to trigger a denial of service by providing a specially crafted PE (Portable Executable) file.

Recommendations Update to a newer version of BinUtils that addresses this issue. As a temporary workaround, consider restricting the processing of untrusted PE files.

Exploit

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2025-66864

ECHO-F03A-1D8D-33BE

RHSA-2026:7098

Affected Products

Binutils

Debian

CVE-2025-66864

Weakness Enumeration

Related Identifiers

Affected Products

References · 13