vulnerability
FreeBSD: VID-c5889223-b4e1-11f0-ae9b-b42e991fc52e (CVE-2025-7709): SQLite < 3.50.3 -- CWE-190 Integer Overflow or Wraparound in FTS5 module
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:H/Au:S/C:N/I:C/A:P) | Oct 29, 2025 | Dec 10, 2025 | Jan 27, 2026 |
Severity
6
CVSS
(AV:N/AC:H/Au:S/C:N/I:C/A:P)
Published
Oct 29, 2025
Added
Dec 10, 2025
Modified
Jan 27, 2026
Description
https://github.com/google/security-research/security/advisories/GHSA-v2c8-vqqp-hv3g reports: An integer overflow exists in the FTS5 https://sqlite.org/fts5.html extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds. The FreeBSD build enables the FTS5 extension by default.
Solutions
freebsd-upgrade-package-sqlite3freebsd-upgrade-package-linux_base-rl9freebsd-upgrade-package-linux-c7-sqlite
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.