CVE-2018-25328

Received Received - Intake

BaseFortify

Publication date: 2026-05-17

Last updated on: 2026-05-17

Assigner: VulnCheck

Description

VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craft a malicious input file containing 271 bytes of junk data followed by a return address to execute arbitrary code with application privileges.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-05-17

Last Modified

2026-05-17

Generated

2026-05-20

EPSS Evaluated

2026-05-19

NVD

CVE-2018-25328

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-120	The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

Attack-Flow Graph

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

CVE-2018-25328

BaseFortify

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

Ask Our AI Assistant

EPSS Chart