Vulnerability Database

300,214

Total vulnerabilities in the database

CVE-2025-8735

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Published: Aug 8, 2025
Updated: Nov 4, 2025
CVE: CVE-2025-8735
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.3
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CVSS v2:

Severity: Low
Score: 1.7
AV:L/AC:L/Au:S/C:N/I:N/A:P

CWEs:

CWE-404
CWE-476

Affected Software
References

No affected software listed.

https://drive.google.com/file/d/1Q_rDQSEl3cBu6SUbfqr9pV9cHgvKcXFI/view?usp=drive_link
https://lists.gnu.org/archive/html/bug-cflow/2025-07/msg00000.html
https://vuldb.com/?ctiid.319231
https://vuldb.com/?id.319231
https://vuldb.com/?submit.622328
https://www.gnu.org/
https://www.openwall.com/lists/oss-security/2025/10/27/12

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo