CVE-2025-14308
CRITICAL
Robocode 1.9.3.6 - Integer Overflow in Buffer Write Method
Title source: llm
Description
An integer overflow vulnerability exists in the write method of the Buffer class in Robocode version 1.9.3.6. The method fails to properly validate the length of data being written, allowing attackers to cause an overflow, potentially leading to buffer overflows and arbitrary code execution. This vulnerability can be exploited by submitting specially crafted inputs that manipulate the data length, leading to potential unauthorized code execution.
References (1)
Core References
Issue Tracking, Vendor Advisory
https://github.com/robo-code/robocode/pull/70
Scores
CVSS v3: 9.8
EPSS: 0.0049
EPSS Percentile: 38.2%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: total
Details
CWE: CWE-190
Status: published
Products (1)
robocode/robocode 1.9.3.6
Published: Dec 09, 2025
Tracked Since: Feb 18, 2026