CVE-2025-70873

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions SQLite versions 3.51.1 and earlier

Description An issue exists where a crafted ZIP file can lead to the disclosure of heap memory. The issue is present in the zipfileInflate function within the zipfile extension.

Recommendations Versions prior to 3.51.1 should be updated.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-244

Related Identifiers

BIT-SQLITE-2025-70873

CVE-2025-70873

ECHO-186E-750F-440B

OESA-2026-1767

OESA-2026-1768

OESA-2026-1769

OESA-2026-1770

OESA-2026-1771

OESA-2026-1772

OPENSUSE-SU-2026:10406-1

OPENSUSE-SU-2026:20513-1

RHSA-2026:7656

SUSE-SU-2026:0955-1

SUSE-SU-2026:1065-1

SUSE-SU-2026:20771-1

SUSE-SU-2026:20794-1

SUSE-SU-2026:21095-1

SUSE-SU-2026:21173-1

Affected Products

Sqlite

CVE-2025-70873

Weakness Enumeration

Related Identifiers

Affected Products

References · 45