CVE-2025-59777

CVSS 7.5 - HIGH
Description

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.

Affected Products
1
Vendor Product Version
gnu libmicrohttpd All versions
References
https://git.gnunet.org/libmicrohttpd.git/commit/?i...
https://jvn.jp/en/jp/JVN76719218/
https://www.gnu.org/software/libmicrohttpd/
Weakness Types
CWE-476
CVE Information
CVE ID:
CVE-2025-59777
Published:
2025-11-10
Modified:
2025-11-14
CVSS Score:
7.5
Severity:
HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Vendors
gnu
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL