Buffer Overflow Vulnerability in ClamAV's PDF Scanning Processes
CVE-2025-20260

9.8CRITICAL

Key Information:

Vendor: Cisco
Status: Clamav
Vendor: CVE Published:; 18 June 2025

Badges

👾 Exploit Exists

What is CVE-2025-20260?

A significant vulnerability found in the PDF scanning capabilities of ClamAV allows remote, unauthenticated attackers to exploit improperly allocated memory buffers. By submitting a specially crafted PDF for scanning, attackers may cause a buffer overflow that could disrupt the ClamAV service, potentially leading to a denial of service. There exists a theoretical risk that the same vulnerability could be leveraged to execute arbitrary code with the permissions of the ClamAV process, heightening the overall security risk.

Affected Version(s)

ClamAV 1.4.2

ClamAV 1.4.1

ClamAV 1.4.0

References

https://blog.clamav.net/2025/06/clamav-143-and-109-securi...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Jun 18, 2025
Vulnerability published
Jun 18, 2025
Vulnerability Reserved
Oct 10, 2024

Cisco

Badges

What is CVE-2025-20260?

Affected Version(s)

References

CVSS V3.1

Timeline