CVE-2025-53766

Critical

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.

secure@microsoft.com·CWE-122·Published 2025-08-12

CVSS

9.8

EPSS

0.07

KEV

Exploits

cve.orgen

106 chars

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.

NVDen

106 chars

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.

NVDes

134 chars

El desbordamiento del búfer basado en montón en Windows GDI+ permite que un atacante no autorizado ejecute código a través de una red.

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
3.1	Secondary	NVD	9.8	3.9	5.9