Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
AV:N reflects potential network delivery of crafted pcapng input; AC:H due to required precise length crafting; impact limited to A:L per source CVSS 4.0 assignment with no C or I impact.
Primary rating from Vendor (VulDB).
CVSS VectorVendor: VulDB
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A vulnerability was found in seladb PcapPlusPlus 25.05. The affected element is the function parse_by_block_type of the file light_pcapng.c of the component LightPcapNg Parser. Performing a manipulation of the argument captured_packet_length results in heap-based buffer overflow. It is possible to initiate the attack remotely. The attack's complexity is rated as high. The exploitability is described as difficult. The exploit has been made public and could be used.
AnalysisAI
Heap-based buffer overflow in PcapPlusPlus 25.05 allows remote attackers to crash applications that parse attacker-controlled pcapng files via a crafted captured_packet_length value in the parse_by_block_type function of the LightPcapNg Parser. A publicly available proof-of-concept exploit (poc.zip) exists, though confirmed impact is limited to availability - application crash/denial-of-service - with no confidentiality or integrity impact indicated by the CVSS 4.0 vector. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The target application must be built against PcapPlusPlus version 25.05 and must invoke the LightPcapNg Parser component (specifically `parse_by_block_type` in `light_pcapng.c`) to process a pcapng-format input. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The overall risk is low. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts a pcapng file containing a packet block where the `captured_packet_length` field is set to a value significantly exceeding the actual packet data present. When an application built with PcapPlusPlus 25.05 opens and parses this file through the LightPcapNg Parser, `parse_by_block_type` uses the attacker-supplied length to copy packet data into a heap-allocated buffer, writing beyond its bounds. … |
| Remediation | No vendor-released patch has been identified at the time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-122 – Heap-based Buffer Overflow
View allSame technique Heap Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40134
GHSA-94c3-8cq4-gwwg