Medium severity6.2NVD Advisory· Published Mar 22, 2026· Updated Apr 16, 2026

CVE-2019-25598

Description

HeidiSQL Portable 10.1.0.5464 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the password field. Attackers can paste a buffer overflow payload into the password input during Microsoft SQL Server login to trigger an application crash.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/46749nvd
www.heidisql.comnvd
www.heidisql.com/downloads/releases/HeidiSQL_10.1_64_Portable.zipnvd
www.vulncheck.com/advisories/heidisql-portable-denial-of-service-via-buffer-overflownvd

News mentions

No linked articles in our index yet.

cvss	0.403
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000