CVE-2025-11678
BaseFortify

Publication date: 2025-10-20

Last updated on: 2025-10-21

Assigner: Nozomi Networks Inc.

Description
A stack-based buffer overflow in lws_adns_parse_label in warmcat libwebsockets, when the LWS_WITH_SYS_ASYNC_DNS flag is enabled during compilation, allows an attacker who is able to sniff a DNS request to overflow the label_stack by crafting a response with a matching id that contains a label longer than the maximum.
Meta Information
Published: 2025-10-20
Last Modified: 2025-10-21
Generated: 2026-06-16
AI Q&A: 2025-10-20
EPSS Evaluated: 2026-06-14
Affected Vendors & Products
Showing 5 associated CPEs
Vendor | Product | Version / Range
warmcat | libwebsockets | 4.4.2
warmcat | libwebsockets | 4.1
warmcat | libwebsockets | 4.3.6
warmcat | libwebsockets | 4.2
warmcat | libwebsockets | 4.0
CWE ID | Description
CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Executive Summary

This vulnerability is a stack-based buffer overflow in the lws_adns_parse_label function of warmcat libwebsockets. It occurs when the LWS_WITH_SYS_ASYNC_DNS flag is enabled during compilation. An attacker who can sniff a DNS request can craft a malicious DNS response with a label longer than the maximum allowed, causing the label_stack to overflow.

Impact Analysis

The vulnerability can lead to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code, cause a denial of service, or crash the application using warmcat libwebsockets with the affected configuration.
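
The class of check whose absence produces this kind of overflow, shown as an added example that is not libwebsockets code and not the project's fix: every length byte taken from a DNS response is validated against the RFC 1035 label limit, the bytes left in the packet, and the space left in the destination before anything is copied. The function name, buffers and sample packets are constructed for illustration, and compressed names are simply rejected.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DNS_MAX_LABEL 63 /* RFC 1035 limit on a single label */

/* Constructed samples in DNS wire format: length byte, then label bytes. */
static const uint8_t sample_ok[] = {3,'w','w','w',7,'e','x','a','m','p','l','e',3,'c','o','m',0};
static const uint8_t sample_oversized[] = {200,'a','b','c',0}; /* length > 63 */
static const uint8_t sample_truncated[] = {5,'a','b'};         /* label runs past packet */
static char demo_name[64];                                     /* demo output buffer */

/* Hypothetical helper, not libwebsockets code: copy the uncompressed name at
 * pkt[off] into dest as a dotted string. Returns its length, or -1 if rejected. */
int parse_dns_name(const uint8_t *pkt, size_t pkt_len, size_t off,
                   char *dest, size_t dest_len)
{
    size_t out = 0;
    if (!pkt || !dest || dest_len == 0)
        return -1;
    while (off < pkt_len) {
        uint8_t ll = pkt[off++];         /* untrusted length byte */
        if (ll == 0) {                   /* root label ends the name */
            dest[out] = '\0';
            return (int)out;
        }
        if (ll > DNS_MAX_LABEL)          /* also rejects 0xC0 compression pointers */
            return -1;
        if ((size_t)ll > pkt_len - off)  /* label would read past the packet */
            return -1;
        /* room needed: optional '.', the label, and the final NUL */
        if ((size_t)ll + (out ? 1 : 0) + 1 > dest_len - out)
            return -1;
        if (out)
            dest[out++] = '.';
        memcpy(dest + out, pkt + off, ll);
        out += ll;
        off += ll;
    }
    return -1;                           /* no terminating root label */
}

int main(void)
{
    int n = parse_dns_name(sample_ok, sizeof(sample_ok), 0, demo_name, sizeof(demo_name));
    printf("ok: %d %s\n", n, n < 0 ? "(rejected)" : demo_name);
    printf("oversized: %d\n", parse_dns_name(sample_oversized, sizeof(sample_oversized), 0, demo_name, sizeof(demo_name)));
    printf("truncated: %d\n", parse_dns_name(sample_truncated, sizeof(sample_truncated), 0, demo_name, sizeof(demo_name)));
    return 0;
}
```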
