Memory Corruption Vulnerability in SQLite by SQLite Consortium
CVE-2025-6965
Key Information:
Badges
What is CVE-2025-6965?
CVE-2025-6965 is a memory corruption vulnerability identified in SQLite, a widely-used open-source database engine known for its simplicity and lightweight architecture. This vulnerability affects SQLite versions prior to 3.50.2 and arises when the number of aggregate terms within a query exceeds the available number of columns. Exploiting this flaw can disrupt application stability and potentially allow unauthorized actions within the system. Organizations relying on SQLite for data storage and management may face significant operational risks if this vulnerability is not addressed, as it can lead to unpredictable behavior, crashes, and security breaches.
Potential impact of CVE-2025-6965
-
System Instability: The memory corruption caused by exceeding aggregate terms can lead to application crashes or erratic behavior, significantly affecting service availability and end-user experience.
-
Data Integrity Risks: Exploitation of this vulnerability may result in unintentional data corruption or loss, compromising the integrity of stored information and undermining trust in database operations.
-
Security Breach Potential: Given the nature of memory corruption vulnerabilities, there is a risk that attackers could execute arbitrary code or gain elevated privileges, which may lead to unauthorized access and potential data theft or further exploitation.
Affected Version(s)
SQLite 0 < 3.50.2
News Articles
Cybersecurity Breakthrough: Google’s Big Sleep AI Agent detects critical SQLite vulnerability
AI Threat Defense: Google’s Big Sleep AI foils cyberattack by detecting SQLite flaw CVE-2025-6965 before exploitation.
3 weeks ago
Google says ‘Big Sleep’ AI tool found bug hackers planned to use
On Tuesday, Google said Big Sleep managed to discover CVE-2025-6965 — a critical security flaw that Google said was “only known to threat actors and was at risk of being exploited.”
3 weeks ago

Google's AI Tool Big Sleep Uncovered Critical SQLite 0-Day Vulnerability and Blocks Active Exploitation
Google's revolutionary AI-powered security tool Big Sleep has achieved a groundbreaking milestone by discovering and preventing the exploitation.
4 weeks ago
References
CVSS V4
Timeline
- 📈
Vulnerability started trending
- 👾
Exploit known to exist
- 📰
First article discovered by The Hacker News
Vulnerability published
Vulnerability Reserved