CVE-2025-15535
Unknown Unknown - Not Provided
Null Pointer Dereference in Nicbarker Clay's Clay__MeasureTextCached Function

Publication date: 2026-01-18

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security flaw has been discovered in nicbarker clay up to 0.14. This affects the function Clay__MeasureTextCached in the library clay.h. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-18
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-01-19
EPSS Evaluated
2026-06-15
NVD
CVE-2025-15535
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
nicbarker clay to 0.14 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
CWE-404 The product does not release or incorrectly releases a resource before it is made available for re-use.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-15535 is a null pointer dereference vulnerability in the nicbarker clay library (up to version 0.14), specifically in the function Clay__MeasureTextCached within clay.h. When this function processes malformed text elements, it attempts to dereference a NULL pointer without checking its validity, causing the application to crash with a segmentation fault. This issue leads to a denial of service by crashing the program during text measurement operations. [1, 2, 4]

Impact Analysis

This vulnerability can cause denial of service by crashing the affected application when it processes crafted malformed text elements. The crash results from a null pointer dereference leading to a segmentation fault, which disrupts availability. Exploitation requires local access, and there is no impact on confidentiality or integrity. The exploit is publicly available and considered easy to execute. [1, 2, 4]

Detection Guidance

This vulnerability can be detected by reproducing the crash using the provided test harness and malformed input file. The recommended environment includes Linux x86_64 with Clang compiler and AddressSanitizer enabled. Detection involves building the project with CMake using flags: -O3 -g -fsanitize=address -fno-omit-frame-pointer -UNDEBUG, compiling the test harness with the same sanitizer flags, and running it with the malformed input file to trigger the null pointer dereference and segmentation fault. There are no specific network detection commands since the attack requires local access and affects application runtime. Example commands include: 1) Building the project: `cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS='-O3 -g -fsanitize=address -fno-omit-frame-pointer -UNDEBUG' .` 2) Compiling the test harness with similar flags. 3) Running the harness with the malformed input file to observe the crash and AddressSanitizer report. [1, 4]

Mitigation Strategies

Immediate mitigation steps include restricting local access to the affected system or application to prevent exploitation, as the vulnerability requires local access. Since no official patch or fix has been provided by the maintainers, consider using alternative products or versions that do not contain this vulnerability. Monitoring for crashes related to the Clay library and avoiding processing malformed text elements can also help reduce risk. Applying strict access controls and limiting user privileges may mitigate exploitation potential until a fix is available. [2]

Compliance Impact

The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-15535. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart