CVE-2025-65086

216.73.217.22

· Published 12/05/2026 21:16 · Modified 13/05/2026 15:52

Labels: CVE-2025-65086 2026-05-12 CVE-2025-65086 CWE-787 [email protected]

Essential information

Published: 12/05/2026 21:16
Modified: 13/05/2026 15:52
Author: —
Creator: —
CVSS: 8.4 HIGH (v3) 8.4 HIGH (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to execute arbitrary code when a specially crafted VC6 file is being parsed.

NVD status

Status: Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
ashlar-vellum / cobalt	`cpe:2.3:a:ashlar-vellum:cobalt:12.6.1204:::::::*`
ashlar-vellum / xenon	`cpe:2.3:a:ashlar-vellum:xenon:12.6.1204:::::::*`
ashlar-vellum / argon	`cpe:2.3:a:ashlar-vellum:argon:12.6.1204:::::::*`
ashlar-vellum / lithium	`cpe:2.3:a:ashlar-vellum:lithium:12.6.1204:::::::*`
ashlar-vellum / cobalt share	`cpe:2.3:a:ashlar-vellum:cobalt_share:12.6.1204:::::::*`