CVE Daily

CVE-2025-53766

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to ex...

Critical CVSS 9.8

Overview

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.

CWE: CWE-122 Published: 2025-08-12T18:15:45.400
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.8 (CRITICAL)
  • Detected tags: buffer, unauth_access (tag impact: HIGH)

Recommended actions:

  • Enforce authentication/authorization; reduce default endpoint exposure.

Recommended tools

Tags