PT-2026-40429 · Ashlar Vellum · Lithium+4
Published
2026-05-12
·
Updated
2026-05-12
·
CVE-2025-65087
CVSS v4.0
8.4
High
| Vector | AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Ashlar-Vellum Cobalt versions prior to 12.6.1204.217
Ashlar-Vellum Xenon versions prior to 12.6.1204.217
Ashlar-Vellum Argon versions prior to 12.6.1204.217
Ashlar-Vellum Lithium versions prior to 12.6.1204.217
Ashlar-Vellum Cobalt Share versions prior to 12.6.1204.217
Description
An Out-of-Bounds Read occurs when a specially crafted VC6 file is parsed, which could allow an attacker to disclose information or execute arbitrary code.
Recommendations
Update to a version later than 12.6.1204.216 for Cobalt, Xenon, Argon, Lithium, and Cobalt Share.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Argon
Cobalt
Cobalt Share
Lithium
Xenon