CVE-2025-65088

Analyzed Analyzed - Analysis Complete

BaseFortify

Publication date: 2026-05-12

Last updated on: 2026-05-14

Assigner: ICS-CERT

Description

An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-05-12

Last Modified

2026-05-14

Generated

2026-06-10

EPSS Evaluated

2026-06-08

NVD

CVE-2025-65088

Affected Vendors & Products

Vendor	Product	Version / Range
ashlar	argon	to 12.6.1204.216 (inc)
ashlar	cobalt	to 12.6.1204.216 (inc)
ashlar	cobalt_share	to 12.6.1204.216 (inc)
ashlar	lithium	to 12.6.1204.216 (inc)
ashlar	xenon	to 12.6.1204.216 (inc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-125	The product reads data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions have not been generated yet.

Hi! I’m here to help you understand CVE-2025-65088. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

CVE-2025-65088

BaseFortify

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Quick Actions

Chat Assistant

EPSS Chart