Medium severity5.3NVD Advisory· Published Jan 18, 2026· Updated Apr 29, 2026
CVE-2025-15536
CVE-2025-15536
Description
A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. Patch name: 345c9a50ab07018f1b4439776bad78a0d40778ec. To fix this issue, it is recommended to deploy a patch.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
openccnpm | < 1.2.0 | 1.2.0 |
Affected products
1Patches
1345c9a50ab07Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
9- github.com/BYVoid/OpenCC/commit/345c9a50ab07018f1b4439776bad78a0d40778ecnvdPatchWEB
- github.com/BYVoid/OpenCC/pull/1005nvdIssue TrackingPatchWEB
- github.com/BYVoid/OpenCC/issues/997nvdExploitIssue TrackingPatchWEB
- vuldb.comnvdExploitThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-5pr6-crvp-2j9fghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-15536ghsaADVISORY
- vuldb.comnvdThird Party AdvisoryVDB EntryWEB
- github.com/oneafter/1222/blob/main/repronvdProductWEB
- vuldb.comnvdPermissions RequiredVDB EntryWEB
News mentions
0No linked articles in our index yet.