CVE-2025-47256
MEDIUMLibxmp <4.6.2 - Buffer Overflow
Title source: llmDescription
Libxmp through 4.6.2 has a stack-based buffer overflow in depack_pha in loaders/prowizard/pha.c via a malformed Pha format tracker module in a .mod file.
Exploits (1)
nomisec
WORKING POC
1 stars
by SexyShoelessGodofWar · poc
https://github.com/SexyShoelessGodofWar/CVE-2025-47256
Scores
CVSS v3
5.6
EPSS
0.0011
EPSS Percentile
29.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-191
Status
published
Products (1)
Libxmp/Libxmp
< 4.6.2
Published
May 06, 2025
Tracked Since
Feb 18, 2026