Integer Overflow Vulnerability in FreeImage Library by FreeImage
CVE-2025-65803

6.5MEDIUM

Key Information:

Vendor: FreeImage
Status: FreeImage
Vendor: CVE Published:; 10 December 2025

What is CVE-2025-65803?

An integer overflow vulnerability in the psdParser::ReadImageData function of FreeImage allows attackers to exploit this weakness by providing a specially crafted PSD file. This can result in a Denial of Service (DoS) condition, disrupting the service and availability of applications relying on this library. Users of FreeImage prior to version 3.18.0 are particularly at risk and should consider updating to the latest release to mitigate this vulnerability.

References

https://freeimage.sourceforge.io/download.html

https://gist.github.com/1mxml/cabd6d972557d9d992fe5f4f6ca...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 10, 2025
Vulnerability Reserved
Nov 18, 2025

JSON