Medium severity5.3NVD Advisory· Published Aug 19, 2025· Updated Jun 17, 2026
CVE-2025-9136
CVE-2025-9136
Description
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It is recommended to upgrade the affected component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
7- github.com/libretro/RetroArch/pull/17555nvdIssue TrackingPatch
- github.com/libretro/RetroArch/pull/17555nvdIssue TrackingPatch
- github.com/libretro/RetroArch/pull/17555/commits/6446f045ec7fc6a5cac3e8ec35a2f0a5889c88e8nvdPatch
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- github.com/libretro/RetroArch/releases/tag/v1.21.0nvdRelease Notes
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.