Null Pointer Dereference in MuPDF EPUB Rendering
CVE-2025-55780

7.5HIGH

Key Information:

Vendor: Artifex Software
Status: MuPDF
Vendor: CVE Published:; 23 September 2025

🔔 Create Artifex Software Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-55780?

A flaw exists within the MuPDF library, specifically in version 1.26.4 where a null pointer dereference can occur in the function responsible for rendering malformed EPUB documents. When handling a FLOW_WORD node, the function fails to authenticate the validity of a pointer before accessing it. This oversight can lead to application crashes, particularly if the rendering process encounters an error or results in a truncated node chain.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-55780
Created by ISH2YU

References

https://bugs.ghostscript.com/show_bug.cgi?id=708720

https://github.com/ISH2YU/CVE-2025-55780/tree/main

https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/c...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Sep 24, 2025
👾
Exploit known to exist
Sep 24, 2025
Vulnerability published
Sep 23, 2025
Vulnerability Reserved
Aug 16, 2025

JSON