CVE-2025-69720 CRITICAL

Published: 2026-03-19 | Last Modified: 2026-06-02 | Status: Modified

Description

The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.

Additional Descriptions (1)

ncurses v6.5 y v6.4 son vulnerables a desbordamiento de búfer en progs/infocmp.c, función analyze_string().

CVSS Metrics

Base Score: 7.8 (HIGH)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector	LOCAL
Attack Complexity	LOW
Privileges Required	NONE
User Interaction	REQUIRED
Scope	UNCHANGED
Confidentiality Impact	HIGH
Integrity Impact	HIGH
Availability Impact	HIGH

Source: [email protected]

Type: Primary

Exploitability Score: 1.8

Impact Score: 5.9

Weaknesses

Source	Type	Description
[email protected]	Secondary	en CWE-121
134c704f-9b21-4f2e-91b3-4a467353bcc0	Secondary	en CWE-120

Affected Products

Vendor	Product	Version	Update	Type
invisible-island	ncurses	*	<built-in method update of dict object at 0x7f7636c0e740>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7636c0ce80>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1d700>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760179c500>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7636c0d480>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760179ef00>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760179c200>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1e400>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760179dd80>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7636c0c280>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1f580>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7636c0cec0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1cb00>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1d600>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1d300>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1c780>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7636c0d640>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1d740>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1edc0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760179ce00>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1f100>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760179e400>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1ec40>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760179ccc0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1e800>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1f7c0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760179d380>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1cd00>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1e540>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1f400>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1fec0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1f8c0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1d140>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1e140>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1f200>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1cb40>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1c180>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1ef00>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1d180>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1cf00>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1f800>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601e1ea40>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177fb40>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177fb00>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177c9c0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177d600>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177f7c0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177f4c0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177ec80>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177f840>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177df00>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177e2c0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177c700>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177f780>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177f340>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177d5c0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177ff80>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177e800>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177e6c0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177c1c0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177fd80>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177ef80>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177e680>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177e640>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177c940>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177ca80>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177fe40>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177fe00>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177d340>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177d800>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177e000>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177e900>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177f900>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177f9c0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f760177f8c0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601f20e00>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601f21080>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601f20f80>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601f22180>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601f20180>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601f204c0>	Application
invisible-island	ncurses	6.5	<built-in method update of dict object at 0x7f7601f23ac0>	Application

Affected Configurations

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:a:invisible-island:ncurses::::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240427::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240504::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240511::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240518::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240519::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240525::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240601::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240608::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240615::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240622::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240629::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240706::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240713::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240720::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240727::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240810::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240817::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240824::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240831::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240914::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240922::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20240928::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20241006::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20241019::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20241026::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20241102::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20241109::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20241123::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20241130::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20241207::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20241214::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20241221::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20241228::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250104::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250111::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250118::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250125::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250201::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250208::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250215::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250216::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250222::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250301::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250308::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250315::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250322::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250329::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250405::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250412::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250419::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250426::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250503::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250510::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250517::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250524::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250531::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250614::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250621::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250628::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250705::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250712::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250720::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250726::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250802::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250809::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250816::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250823::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250830::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250913::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250920::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20250927::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20251004::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20251010::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20251018::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20251025::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20251101::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20251115::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20251122::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20251123::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20251129::::::`
Yes	`cpe:2.3:a:invisible-island:ncurses:6.5:20251206::::::`

References

https://github.com/Cao-Wuhui/CVE-2025-69720
Source: [email protected]

Exploit Third Party Advisory
https://invisible-island.net/archives/ncurses/6.5/
Source: [email protected]

Release Notes
https://invisible-island.net/ncurses/
Source: [email protected]

Product
https://marc.info/?l=ncurses-bug&m=176539968328570&w=2
Source: [email protected]

Issue Tracking Mailing List Vendor Advisory
https://marc.info/?l=ncurses-bug&m=176540731801330&w=2
Source: [email protected]

Issue Tracking Mailing List Vendor Advisory
https://marc.info/?l=ncurses-bug&m=176545557728083&w=2
Source: [email protected]

Issue Tracking Mailing List Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-253495.html
Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e