CVE-2025-7709
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-08

Last updated on: 2025-11-18

Assigner: Google Inc.

Description
An integer overflow exists in the FTS5 https://sqlite.org/fts5.html  extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-08
Last Modified
2025-11-18
Generated
2026-06-16
AI Q&A
2025-09-08
EPSS Evaluated
2026-06-14
NVD
CVE-2025-7709
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
sqlite sqlite 3.43.0
sqlite sqlite 3.50.3
sqlite sqlite 3.49.1
sqlite sqlite 3.50.2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-190 The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-7709 is an integer overflow vulnerability in the SQLite FTS5 extension. It happens when calculating the size of an array of tombstone pointers, where a 64-bit multiplication result is truncated to a 32-bit integer, causing the allocated memory to be too small. This leads to a heap buffer overflow when the program writes a pointer out of bounds in the array. An attacker can exploit this by executing arbitrary SQL queries or providing a malicious SQLite database file. [1]

Impact Analysis

This vulnerability can lead to a heap buffer overflow, which may allow an attacker to write out of bounds in memory. This can cause application crashes, data corruption, or potentially enable remote code execution if exploited successfully. The attacker needs the ability to run arbitrary SQL queries or supply a crafted SQLite database to trigger the issue. [1]

Detection Guidance

This vulnerability can be detected by checking for the presence of vulnerable versions of SQLite with the FTS5 extension. Since the vulnerability is triggered by processing maliciously crafted SQLite database files or executing arbitrary SQL queries, detection involves monitoring for suspicious SQL queries or unexpected SQLite database files. Specific commands to detect vulnerable SQLite versions or scan for malicious files are not provided in the available resources. [1]

Mitigation Strategies

Immediate mitigation steps include updating SQLite to the fixed version released after July 16, 2025, which properly handles the size calculation to prevent integer overflow. Additionally, restrict or monitor the execution of arbitrary SQL queries, especially those that can manipulate FTS5 tables, and avoid processing untrusted or malicious SQLite database files. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-7709. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart