CVE-2025-8735

CVSS 3.3 - LOW

Description

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

References

https://drive.google.com/file/d/1Q_rDQSEl3cBu6SUbf...

https://lists.gnu.org/archive/html/bug-cflow/2025-...

https://vuldb.com/?ctiid.319231

https://vuldb.com/?id.319231

https://vuldb.com/?submit.622328

https://www.gnu.org/

https://www.openwall.com/lists/oss-security/2025/1...

Weakness Types

CWE-404

CVE Information

CVE ID:: CVE-2025-8735
Published:: 2025-08-08
Modified:: 2026-04-29
CVSS Score:: 3.3
Severity:: LOW
Vector:: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Quick Actions

View on NVD

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL