Critical severity9.8NVD Advisory· Published Jul 15, 2025· Updated Apr 14, 2026
CVE-2025-6965
CVE-2025-6965
Description
There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
SQLitePCLRaw.lib.e_sqlite3NuGet | <= 2.1.11 | — |
SQLitePCLRaw.lib.e_sqlite3.androidNuGet | <= 2.1.11 | — |
SQLitePCLRaw.lib.e_sqlite3.iosNuGet | <= 2.1.11 | — |
Affected products
49- osv-coords47 versionspkg:bitnami/sqlitepkg:rpm/almalinux/lemonpkg:rpm/almalinux/mingw32-sqlitepkg:rpm/almalinux/mingw32-sqlite-staticpkg:rpm/almalinux/mingw64-sqlitepkg:rpm/almalinux/mingw64-sqlite-staticpkg:rpm/almalinux/nodejspkg:rpm/almalinux/nodejs-develpkg:rpm/almalinux/nodejs-docspkg:rpm/almalinux/nodejs-full-i18npkg:rpm/almalinux/nodejs-libspkg:rpm/almalinux/nodejs-nodemonpkg:rpm/almalinux/nodejs-packagingpkg:rpm/almalinux/nodejs-packaging-bundlerpkg:rpm/almalinux/npmpkg:rpm/almalinux/sqlitepkg:rpm/almalinux/sqlite-develpkg:rpm/almalinux/sqlite-docpkg:rpm/almalinux/sqlite-libspkg:rpm/almalinux/v8-12.4-develpkg:rpm/opensuse/sqlite3&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/sqlite3&distro=openSUSE%20Tumbleweedpkg:rpm/suse/sqlite3&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/sqlite3&distro=SUSE%20Manager%20Proxy%20LTS%204.3pkg:rpm/suse/sqlite3&distro=SUSE%20Manager%20Server%20LTS%204.3
>= 0+ 46 more
- (no CPE)range: >= 0
- (no CPE)range: < 3.26.0-20.el8_10
- (no CPE)range: < 3.26.0.0-2.el8_10
- (no CPE)range: < 3.26.0.0-2.el8_10
- (no CPE)range: < 3.26.0.0-2.el8_10
- (no CPE)range: < 3.26.0.0-2.el8_10
- (no CPE)range: < 1:22.16.0-2.module_el8.10.0+4028+97ddca84
- (no CPE)range: < 1:22.16.0-2.module_el8.10.0+4028+97ddca84
- (no CPE)range: < 1:22.16.0-2.module_el8.10.0+4028+97ddca84
- (no CPE)range: < 1:22.16.0-2.module_el8.10.0+4028+97ddca84
- (no CPE)range: < 1:22.16.0-2.module_el8.10.0+4028+97ddca84
- (no CPE)range: < 3.0.1-1.module_el8.10.0+3983+391a1a04
- (no CPE)range: < 2021.06-4.module_el8.10.0+4006+3c416519
- (no CPE)range: < 2021.06-4.module_el8.10.0+3961+6a788e57
- (no CPE)range: < 1:10.9.2-1.22.16.0.2.module_el8.10.0+4028+97ddca84
- (no CPE)range: < 3.46.1-5.el10_0
- (no CPE)range: < 3.46.1-5.el10_0
- (no CPE)range: < 3.26.0-20.el8_10
- (no CPE)range: < 3.46.1-5.el10_0
- (no CPE)range: < 3:12.4.254.21-1.22.16.0.2.module_el8.10.0+4028+97ddca84
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.3-1.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-9.41.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-9.41.1
- (no CPE)range: < 3.50.2-1.1
- (no CPE)range: < 3.50.2-slfo.1.1_1.1
- (no CPE)range: < 3.50.2-150000.3.33.1
- (no CPE)range: < 3.50.2-150000.3.33.1
Patches
Vulnerability mechanics
References
13- www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8nvdPatchWEB
- github.com/advisories/GHSA-2m69-gcr7-jv3qghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-6965ghsaADVISORY
- seclists.org/fulldisclosure/2025/Sep/49nvdWEB
- seclists.org/fulldisclosure/2025/Sep/53nvdWEB
- seclists.org/fulldisclosure/2025/Sep/56nvdWEB
- seclists.org/fulldisclosure/2025/Sep/57nvdWEB
- seclists.org/fulldisclosure/2025/Sep/58nvdWEB
- www.openwall.com/lists/oss-security/2025/09/06/1nvdWEB
- cert-portal.siemens.com/productcert/html/ssa-225816.htmlnvdWEB
- cert-portal.siemens.com/productcert/html/ssa-485750.htmlnvdWEB
- github.com/github/advisory-database/pull/7675ghsaWEB
- github.com/google/security-research/security/advisories/GHSA-qj7j-3jp8-8ccvghsaWEB
News mentions
2- ABB B&R Automation StudioCISA ICS Advisories
- Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC)CISA Alerts