Medium severity6.2NVD Advisory· Published Apr 4, 2026· Updated Apr 16, 2026

CVE-2018-25238

Description

VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application crash.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/46385nvd
www.microsoft.com/store/productId/9NC1RLNH76PBnvd
www.vulncheck.com/advisories/vsco-denial-of-service-via-searchnvd

News mentions

No linked articles in our index yet.

cvss	0.403
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000