
CVSS: 9.8 • EPSS: % • CPEs: 2 • EXPL: 0

20 Oct 2025 — Out-of-bounds Write in unfilter_scanline in warmcat libwebsockets, when the LWS_WITH_UPNG flag is enabled during compilation and the HTML display stack is used, allows writing past a heap-allocated buffer, possibly causing a crash, when the user visits an attacker-controlled website that contains a crafted PNG file with a big width value. The width causes an integer overflow, and the overflowed value is used to determine the size of a heap allocation. • https://libwebsockets.org/git/libwebsockets/commit?id=2b715249f39291c86443b969a1088d59b6a89b78 • CWE-787: Out-of-bounds Write

CVSS: 8.1 • EPSS: % • CPEs: 2 • EXPL: 0

20 Oct 2025 — Out-of-bounds Read in lws_upng_emit_next_line in warmcat libwebsockets, when the LWS_WITH_UPNG flag is enabled during compilation and the HTML display stack is used, allows reading past a heap-allocated buffer, possibly causing a crash, when the user visits an attacker-controlled website that contains a crafted PNG file with a big height dimension. • https://libwebsockets.org/git/libwebsockets/commit?id=7df24cca7144d7bc9233b6b0a71108bd154ce101 • CWE-125: Out-of-bounds Read

CVSS: 9.8 • EPSS: % • CPEs: 2 • EXPL: 0

20 Oct 2025 — Use After Free in the WebSocket server implementation in lws_handshake_server in warmcat libwebsockets may allow an attacker, in specific configurations where the user provides a callback function that handles LWS_CALLBACK_HTTP_CONFIRM_UPGRADE, to achieve denial of service. • https://libwebsockets.org/git/libwebsockets/commit?id=2f082ec31261f556969160143ba94875d783971a • CWE-416: Use After Free