Moderate severity · NVD Advisory · Published Oct 28, 2025 · Updated Oct 28, 2025
Buffer overflow in CodeChecker log command
CVE-2025-40843
Description
CodeChecker is analyzer tooling, a defect database and a viewer extension for the Clang Static Analyzer and Clang Tidy.
CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command.
This issue affects CodeChecker: through 6.26.1.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| codechecker (PyPI) | < 6.26.2 | 6.26.2 |
References
- github.com/Ericsson/codechecker/security/advisories/GHSA-5xf2-f6ch-6p8r (ghsa, vendor-advisory, WEB)
- github.com/advisories/GHSA-5xf2-f6ch-6p8r (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2025-40843 (ghsa, ADVISORY)
- github.com/Ericsson/codechecker/commit/4122eb1b43d00c880e4f0747d2ca0a674feb7a50 (ghsa, WEB)
- github.com/pypa/advisory-database/tree/main/vulns/codechecker/PYSEC-2025-100.yaml (ghsa, WEB)