CVE-2025-5222

High CVSS 7.0

Overview

A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.

CWE: CWE-120 Published: 2025-05-27T21:15:23.030

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.0 (HIGH)
Detected tags: buffer, mem_corruption, rce (tag impact: VERY HIGH)

Recommended actions:

Patch/upgrade immediately (remote code execution).
Reduce exposure (WAF/segmentation), minimize attack surface.

Overview

Recommended tools

Tags