CVE-2025-48172

low-risk
Published 2025-07-04

CHMLib through 2bef8d0, as used in SumatraPDF and other products, has a chm_lib.c _chm_decompress_block integer overflow. There is a resultant heap-based buffer overflow in _chm_fetch_bytes.

Do I need to act?

-
0.03% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.6/10 Medium
LOCAL / HIGH complexity

References (5)

https://drive.google.com/file/d/1XpulFyCGlq7Szzg5RsH-eRwZ6OyuSozl/view?usp=shari...
https://drive.google.com/file/d/1wq51px42eoJz2VQ1Qu9ObPVQVom9T9H_/view?usp=shari...
https://github.com/jedwing/CHMLib/blob/2bef8d063ec7d88a8de6fd9f0513ea42ac0fa21f/...
https://github.com/sumatrapdfreader/sumatrapdf/commit/08179946a745cf1605e4b96709...
https://drive.google.com/file/d/1XpulFyCGlq7Szzg5RsH-eRwZ6OyuSozl/view?usp=shari...
20
/ 100
low-risk
Severity 15/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal