VYPR
Medium severity5.3NVD Advisory· Published Dec 19, 2025· Updated Apr 29, 2026

CVE-2025-14958

CVE-2025-14958

Description

A security flaw has been discovered in floooh sokol up to 33e2271c431bf21de001e972f72da17a984da932. This vulnerability affects the function _sg_pipeline_common_init in the library sokol_gfx.h. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit has been released to the public and may be exploited. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The patch is named 33e2271c431bf21de001e972f72da17a984da932. It is suggested to install a patch to address this issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Floooh/Sokol2 versions
    cpe:2.3:a:floooh:sokol:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:floooh:sokol:*:*:*:*:*:*:*:*range: <=2025-12-13
    • (no CPE)range: <=33e2271c431bf21de001e972f72da17a984da932

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.