CVE-2025-40843
MEDIUM
CodeChecker < 6.26.2 - Stack-based Buffer Overflow in ldlogger Library
Title source: llm
Description
CodeChecker is analyzer tooling, a defect database and a viewer extension for the Clang Static Analyzer and Clang Tidy. CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command. This issue affects CodeChecker through 6.26.1.
References (1)
Core References
Exploit, Vendor Advisory vendor-advisory
https://github.com/Ericsson/codechecker/security/advisories/GHSA-5xf2-f6ch-6p8r
Scores
CVSS v3
5.9
EPSS
0.0002
EPSS Percentile
7.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-121
Status
published
Products (2)
ericsson/codechecker
< 6.26.2
pypi/codechecker
0 - 6.26.2 (PyPI)
Published
Oct 28, 2025
Tracked Since
Feb 18, 2026