BYVoid OpenCC MaxMatchSegmentation.cpp MaxMatchSegmentation heap-based overflow_CVE-2025-15536

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. Patch name: 345c9a50ab07018f1b4439776bad78a0d40778ec. To fix this issue, it is recommended to deploy a patch.

Basic Information

ID CVE-2025-15536

Source VulDB

Published Jan 18, 2026 at 09:02

Affected Product

Vendor BYVoid

Product OpenCC

Version 1.1.0

Affected Versions BYVoid OpenCC 1.1.0
BYVoid OpenCC 1.1.1
BYVoid OpenCC 1.1.2
BYVoid OpenCC 1.1.3
BYVoid OpenCC 1.1.4
BYVoid OpenCC 1.1.5
BYVoid OpenCC 1.1.6
BYVoid OpenCC 1.1.7
BYVoid OpenCC 1.1.8
BYVoid OpenCC 1.1.9

CWE Classification

CWE-122 CWE-119

References

{
    "lastseen": "",
    "description": "A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. Patch name: 345c9a50ab07018f1b4439776bad78a0d40778ec. To fix this issue, it is recommended to deploy a patch.",
    "published": "2026-01-18T09:02:12.026Z",
    "modified": "2026-01-18T09:02:12.026Z",
    "type": "cve",
    "title": "BYVoid OpenCC MaxMatchSegmentation.cpp MaxMatchSegmentation heap-based overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.341708\nhttps://vuldb.com/?ctiid.341708\nhttps://vuldb.com/?submit.733347\nhttps://github.com/BYVoid/OpenCC/issues/997\nhttps://github.com/BYVoid/OpenCC/pull/1005\nhttps://github.com/oneafter/1222/blob/main/repro\nhttps://github.com/BYVoid/OpenCC/commit/345c9a50ab07018f1b4439776bad78a0d40778ec",
    "id": "CVE-2025-15536",
    "bulletinFamily": "",
    "cwe": [
        "CWE-122",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "BYVoid OpenCC 1.1.0\nBYVoid OpenCC 1.1.1\nBYVoid OpenCC 1.1.2\nBYVoid OpenCC 1.1.3\nBYVoid OpenCC 1.1.4\nBYVoid OpenCC 1.1.5\nBYVoid OpenCC 1.1.6\nBYVoid OpenCC 1.1.7\nBYVoid OpenCC 1.1.8\nBYVoid OpenCC 1.1.9",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "OpenCC",
    "version": "1.1.0",
    "vendor": "BYVoid",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}