Information Disclosure Vulnerability in SQLite's Zipfile Extension

CVE-2025-70873

What is CVE-2025-70873?

An information disclosure vulnerability in the zipfileInflate function within the zipfile extension of SQLite versions prior to v3.51.1 enables attackers to exploit crafted ZIP files to extract sensitive information from heap memory, posing a significant risk to users' data integrity.

References