Medium severity5.3NVD Advisory· Published Jan 18, 2026· Updated Apr 29, 2026
CVE-2025-15536
CVE-2025-15536
Description
A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. Patch name: 345c9a50ab07018f1b4439776bad78a0d40778ec. To fix this issue, it is recommended to deploy a patch.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
openccnpm | < 1.2.0 | 1.2.0 |
Affected products
3- ghsa-coords2 versions
< 1.2.0+ 1 more
- (no CPE)range: < 1.2.0
- (no CPE)range: < 1.2.0-1.1
Patches
Vulnerability mechanics
References
9- github.com/BYVoid/OpenCC/commit/345c9a50ab07018f1b4439776bad78a0d40778ecnvdPatchWEB
- github.com/BYVoid/OpenCC/pull/1005nvdIssue TrackingPatchWEB
- github.com/BYVoid/OpenCC/issues/997nvdExploitIssue TrackingPatchWEB
- vuldb.comnvdExploitThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-5pr6-crvp-2j9fghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-15536ghsaADVISORY
- vuldb.comnvdThird Party AdvisoryVDB EntryWEB
- github.com/oneafter/1222/blob/main/repronvdProductWEB
- vuldb.comnvdPermissions RequiredVDB EntryWEB
News mentions
0No linked articles in our index yet.