How serious is CVE-2025-61146?

This vulnerability has a CVSS score of 4 out of 10, classified as MEDIUM severity. No public exploit code has been identified yet.

Which products are affected by CVE-2025-61146?

CVE-2025-61146 affects libsixel project libsixel. Check the full CVE details for specific version information.

How do I fix CVE-2025-61146?

To remediate CVE-2025-61146, check for security patches from libsixel project. Apply all available updates and security patches. If no patch is available, implement recommended workarounds or security controls to mitigate the risk.

CVE-2025-61146

Medium

|4.0

No Exploit

Plain English Summary

AI-powered analysis for quick understanding

This vulnerability allows an attacker to exploit a memory leak in the libsixel library, potentially leading to increased memory usage and denial of service over time. It affects versions prior to 1.8.7, meaning systems using those older versions are at risk if they process images with libsixel.

Technical Description

saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.c.

CVSS Vector Analysis

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

Confidentiality ImpactNone

Integrity ImpactNone

Availability ImpactLow

ScopeUnchanged

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploit Resources

Search for proof-of-concept code and exploit modules

GitHub Search Exploit-DB Nuclei Templates Metasploit Vulners

Official References

NIST NVD

Est. Bounty

$500($500-$1K)

Vendor Response

Grade APatched in 3 days

Quick Information

Published

Feb 23, 2026

about 1 month ago

Last Modified

Feb 26, 2026

about 1 month ago

Vendor

libsixel project

Product

libsixel