CVE-2025-7208 – Plan9port X509 Heap Buffer Overflow Vulnerability

The following table lists the changes that have been made to the
CVE-2025-7208 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

New CVE Received
by [email protected]

Jul. 09, 2025

Action	Type	New Value
Added	Description	A vulnerability was found in 9fans plan9port up to 9da5b44. It has been classified as critical. This affects the function edump in the library /src/plan9port/src/libsec/port/x509.c. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The identifier of the patch is b3e06559475b0130a7a2fb56ac4d131d13d2012f. It is recommended to apply a patch to fix this issue.
Added	CVSS V4.0	AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Added	CVSS V3.1	AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Added	CVSS V2	(AV:A/AC:L/Au:S/C:P/I:P/A:P)
Added	CWE	CWE-119
Added	CWE	CWE-122
Added	Reference	https://drive.google.com/drive/folders/1kedwNLNDiFQB2OAp7S-ZKYoF7nxfIZGO?usp=sharing
Added	Reference	https://git.9front.org/plan9front/plan9front/b3e06559475b0130a7a2fb56ac4d131d13d2012f/commit.html
Added	Reference	https://github.com/9fans/plan9port/issues/710#issuecomment-2819906648
Added	Reference	https://github.com/user-attachments/files/19698345/plan9port_crash_1.txt
Added	Reference	https://vuldb.com/?ctiid.259053
Added	Reference	https://vuldb.com/?id.259053
Added	Reference	https://vuldb.com/?submit.304567
Added	Reference	https://vuldb.com/?submit.607684

Share the Post:

CVE-2025-10304 – Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.3.8 – Missing Authorization to Unauthenticated Backup Failure

CVE ID : CVE-2025-10304 Published : Dec. 3, 2025, 3:27 a.m. | 26 minutes ago Description : The Everest Backup –

CVE-2025-12585 – MxChat – AI Chatbot for WordPress <= 2.5.5 – Unauthenticated Information Exposure

CVE ID : CVE-2025-12585 Published : Dec. 3, 2025, 3:27 a.m. | 26 minutes ago Description : The MxChat – AI

Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN

Company Registration Number: 5334133
Company VAT Number: 855 7246 95

CVE-2025-7208 – Plan9port X509 Heap Buffer Overflow Vulnerability

New CVE Received
by [email protected]

Related Posts

CVE-2025-10304 – Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.3.8 – Missing Authorization to Unauthenticated Backup Failure

CVE-2025-12585 – MxChat – AI Chatbot for WordPress <= 2.5.5 – Unauthenticated Information Exposure

Useful Links

Other Links

CVE-2025-7208 – Plan9port X509 Heap Buffer Overflow Vulnerability

New CVE Received by [email protected]

Related Posts

CVE-2025-10304 – Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.3.8 – Missing Authorization to Unauthenticated Backup Failure

CVE-2025-12585 – MxChat – AI Chatbot for WordPress <= 2.5.5 – Unauthenticated Information Exposure

Useful Links

Other Links

New CVE Received
by [email protected]