CVE-2025-69720 (GCVE-0-2025-69720)

Vulnerability from cvelistv5 – Published: 2026-03-19 00:00 – Updated: 2026-06-02 13:00
VLAI
Summary
The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.
Severity
7.3 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SSVC
Exploitation: poc Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-121 - Stack-based Buffer Overflow
  • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
Vendor Product Version
GNU ncurses Affected: 0 , < 6.5-20251213 (custom)
Create a notification for this product.
Siemens RUGGEDCOM RST2428P Affected: 0 , < V4.0 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-69720",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-24T01:05:11.996191Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-120",
                "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-23T15:32:18.095Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "RUGGEDCOM RST2428P",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V4.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-02T13:00:33.095Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-253495.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ncurses",
          "vendor": "GNU",
          "versions": [
            {
              "lessThan": "6.5-20251213",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:gnu:ncurses:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5-20251213",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-26T15:08:06.834Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://marc.info/?l=ncurses-bug\u0026m=176539968328570\u0026w=2"
        },
        {
          "url": "https://marc.info/?l=ncurses-bug\u0026m=176540731801330\u0026w=2"
        },
        {
          "url": "https://marc.info/?l=ncurses-bug\u0026m=176545557728083\u0026w=2"
        },
        {
          "url": "https://github.com/Cao-Wuhui/CVE-2025-69720"
        },
        {
          "url": "https://invisible-island.net/archives/ncurses/6.5/"
        },
        {
          "url": "https://invisible-island.net/ncurses/"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-69720",
    "datePublished": "2026-03-19T00:00:00.000Z",
    "dateReserved": "2026-01-09T00:00:00.000Z",
    "dateUpdated": "2026-06-02T13:00:33.095Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-69720",
      "date": "2026-06-17",
      "epss": "0.00414",
      "percentile": "0.32854"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-69720\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2026-03-19T15:16:21.293\",\"lastModified\":\"2026-06-02T14:16:37.670\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.\"},{\"lang\":\"es\",\"value\":\"ncurses v6.5 y v6.4 son vulnerables a desbordamiento de b\u00fafer en progs/infocmp.c, funci\u00f3n analyze_string().\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.8,\"impactScore\":5.5},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.4\",\"matchCriteriaId\":\"4F833BCF-B5C0-4AD1-8D3D-F32F39D63ABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240427:*:*:*:*:*:*\",\"matchCriteriaId\":\"01C6DAFD-5194-497F-A396-306919613DA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240504:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B59129C-B8AE-4043-9E9A-3340AE9FDE0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240511:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CB16CE1-D8ED-40D2-917C-3E23769D11A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240518:*:*:*:*:*:*\",\"matchCriteriaId\":\"81784D7B-85D5-4570-A2FA-12A6EA2ED29D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240519:*:*:*:*:*:*\",\"matchCriteriaId\":\"30DDED53-9D63-441D-B85A-A5FBAC8F8F0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240525:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D6CF1A5-BCC5-4452-ABE3-6AEB2A5C19E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240601:*:*:*:*:*:*\",\"matchCriteriaId\":\"95423C26-3583-450A-BDAF-2A3C76959920\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240608:*:*:*:*:*:*\",\"matchCriteriaId\":\"E59E117A-7813-4686-8A52-B2A99A45D6F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240615:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6B1487C-518E-425D-A89E-32CDF754CD3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240622:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0343D0B-8D98-4F15-8166-68012A62CBC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240629:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFC1BE47-198C-4B29-938A-D33127B7A758\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240706:*:*:*:*:*:*\",\"matchCriteriaId\":\"373EB650-F970-40A5-BD32-09BEE34F48B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240713:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCB11782-AE68-4784-BCCC-05817C4D2AE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240720:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FFED224-2F31-4877-B469-B8ED88186D4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240727:*:*:*:*:*:*\",\"matchCriteriaId\":\"9052908B-E79B-4758-8BB8-D716751B674E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240810:*:*:*:*:*:*\",\"matchCriteriaId\":\"94B0EC59-5F4C-4835-B6D3-6646873D9EEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240817:*:*:*:*:*:*\",\"matchCriteriaId\":\"568EF5E6-F534-4A64-A17E-0E1C8B58EB3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240824:*:*:*:*:*:*\",\"matchCriteriaId\":\"803C48AD-237B-4BF8-8424-BB4ACFCCF001\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240831:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D22BA4A-0C03-4679-ABB4-54DCA427E105\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240914:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0361067-595F-43B2-AFD8-9BEF6C37785F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240922:*:*:*:*:*:*\",\"matchCriteriaId\":\"62EAEBD3-870E-477C-B9D3-8ED0E7BAF974\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20240928:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C173F79-8726-4EE6-8C63-E0756C9AC993\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20241006:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDCA5EFB-7D8F-4448-8C48-D04C4E5A8D0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20241019:*:*:*:*:*:*\",\"matchCriteriaId\":\"F724BD25-215C-4774-A564-6D41C89B8F6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20241026:*:*:*:*:*:*\",\"matchCriteriaId\":\"C35CD022-20E1-417D-871A-552570D470C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20241102:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ACD19D6-1CDC-4C7A-9DBB-A9C441850BEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20241109:*:*:*:*:*:*\",\"matchCriteriaId\":\"431FBF60-D9BF-434A-B103-CEE445D08F28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20241123:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E07FBF9-2D38-4A5E-92E9-6374E1024297\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20241130:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA0F9B1C-DCB2-473D-8086-D1F35BEDB9C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20241207:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC35855B-F702-48E9-AD8E-DBE542B29CD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20241214:*:*:*:*:*:*\",\"matchCriteriaId\":\"920C5FD1-3614-4252-9F19-089CF2FDAF96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20241221:*:*:*:*:*:*\",\"matchCriteriaId\":\"C134C17C-AB7D-4182-9D2F-98DE5615ACAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20241228:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AAE6560-8BB3-4761-AFA3-6FF4CF3931C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250104:*:*:*:*:*:*\",\"matchCriteriaId\":\"786764EE-4C0A-4801-BA0A-6751350E574D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250111:*:*:*:*:*:*\",\"matchCriteriaId\":\"488796C4-88A8-4F62-A9C0-E96DF926C59B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250118:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F8EAFB1-DB1C-4107-987C-12C803F98C9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250125:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF4738B1-966C-4999-8DEC-6E3317957664\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250201:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2F1AACB-C3DF-4511-A261-B5BA24013645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250208:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9B386A4-D643-4B27-83F2-57ADC2F190C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250215:*:*:*:*:*:*\",\"matchCriteriaId\":\"60E7F820-9A4D-48D1-A817-A582CEC9CD54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250216:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D2291EE-1EA4-48E0-9CA6-2A6DD644F4F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250222:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E4353C2-22B4-44DB-817F-4BDB385B6DC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250301:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CFFF73B-C236-424D-B3A8-B03DE0A3D608\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250308:*:*:*:*:*:*\",\"matchCriteriaId\":\"F077FBC1-03F0-48EC-8D1A-91A0D34A526F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250315:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF4DF4F2-C8DC-43E1-A38D-D13C402BAB7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250322:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9198719-6C21-4C72-ADAA-C34D47FBCCA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250329:*:*:*:*:*:*\",\"matchCriteriaId\":\"17C22701-BFF0-4A09-B8B8-2851D34B5DA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250405:*:*:*:*:*:*\",\"matchCriteriaId\":\"74FB0A6F-C157-429A-A769-6B5ED94296C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250412:*:*:*:*:*:*\",\"matchCriteriaId\":\"70B219DA-5D24-4AA2-9EBA-EDEAE59BBFE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250419:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6443172-FB7F-408B-A104-86B98F4FEEE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250426:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCE6DEF3-9792-4BF7-AF16-B59DA2CB066A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250503:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB98C70C-02EA-4A97-A475-BC30170C90A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250510:*:*:*:*:*:*\",\"matchCriteriaId\":\"166696C0-BC8E-47E5-814B-B8D8AF0F9DBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250517:*:*:*:*:*:*\",\"matchCriteriaId\":\"49C22417-14A4-4CFB-BAF0-B53F9EA19E8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250524:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7642084-2D96-4604-A43B-43C777B243A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250531:*:*:*:*:*:*\",\"matchCriteriaId\":\"D80D2BF8-0795-4CA5-B33F-14024FEB9C7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250614:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F73803B-F963-4AE5-8A45-01FCFC991D15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250621:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDA61BDD-96FF-42D6-8145-5B4F2D27EB81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250628:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E855110-A534-4035-A52D-AEA00FB46F7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250705:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF1013BF-649F-402F-A746-08F51D243384\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250712:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DA2CC90-D9C7-47E1-A0CC-C9C8B5692297\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250720:*:*:*:*:*:*\",\"matchCriteriaId\":\"F50B46A2-2730-416B-91F9-003A8F31A34E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250726:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC9CBD76-49EB-4F2F-B423-C29295383692\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250802:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4620E27-7771-4D47-99DD-317CD5051469\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250809:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DF12182-D312-4118-8708-38C990D22542\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250816:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF1E3C6A-F963-4B32-A7AA-DFB7D60775DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250823:*:*:*:*:*:*\",\"matchCriteriaId\":\"5152E3B8-6B07-455A-9A1F-ED564EF41C66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250830:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC15F32E-9F0B-4268-B487-621249016034\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250913:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E4F453B-6948-4E87-AEA6-19AC85DEF3DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250920:*:*:*:*:*:*\",\"matchCriteriaId\":\"47A4E2C3-38DF-4E0C-9C99-F27258D5F46D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20250927:*:*:*:*:*:*\",\"matchCriteriaId\":\"47BECB6C-23E4-41B1-889A-FDEEB36A658E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20251004:*:*:*:*:*:*\",\"matchCriteriaId\":\"F686C3CA-4EEA-412A-BC2D-C491FE5C3216\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20251010:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFC895B9-95C1-4DBF-9FAF-46DB073D1D84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20251018:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD76C797-9CCD-4435-BD0B-4BDC635D18F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20251025:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FBA0671-FCA3-4EBC-BF88-6EEDF94A55B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20251101:*:*:*:*:*:*\",\"matchCriteriaId\":\"924191D6-7FC1-49FB-BE3C-C788B7EFD031\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20251115:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6CF94C0-97BF-4370-AF63-2673C99F9835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20251122:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DE8A0A0-74CF-4850-9974-681BC8EAF606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20251123:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D5CA575-EDE5-4E42-B465-284C4B9BD822\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20251129:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACA7CB1C-8F84-497E-A48E-E975D625CD43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invisible-island:ncurses:6.5:20251206:*:*:*:*:*:*\",\"matchCriteriaId\":\"46993193-F710-4CBF-AA5A-3218E2A53BC6\"}]}]}],\"references\":[{\"url\":\"https://github.com/Cao-Wuhui/CVE-2025-69720\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://invisible-island.net/archives/ncurses/6.5/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://invisible-island.net/ncurses/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://marc.info/?l=ncurses-bug\u0026m=176539968328570\u0026w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://marc.info/?l=ncurses-bug\u0026m=176540731801330\u0026w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://marc.info/?l=ncurses-bug\u0026m=176545557728083\u0026w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-253495.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM RST2428P\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V4.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-253495.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-06-02T13:00:33.095Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-69720\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-24T01:05:11.996191Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-120\", \"description\": \"CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-24T01:06:48.727Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L\"}}], \"affected\": [{\"vendor\": \"GNU\", \"product\": \"ncurses\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"6.5-20251213\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://marc.info/?l=ncurses-bug\u0026m=176539968328570\u0026w=2\"}, {\"url\": \"https://marc.info/?l=ncurses-bug\u0026m=176540731801330\u0026w=2\"}, {\"url\": \"https://marc.info/?l=ncurses-bug\u0026m=176545557728083\u0026w=2\"}, {\"url\": \"https://github.com/Cao-Wuhui/CVE-2025-69720\"}, {\"url\": \"https://invisible-island.net/archives/ncurses/6.5/\"}, {\"url\": \"https://invisible-island.net/ncurses/\"}], \"x_generator\": {\"engine\": \"enrichogram 0.0.1\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-121\", \"description\": \"CWE-121 Stack-based Buffer Overflow\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:gnu:ncurses:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.5-20251213\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2026-03-26T15:08:06.834Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-69720\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-02T13:00:33.095Z\", \"dateReserved\": \"2026-01-09T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2026-03-19T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.