CVE-2025-15272 | FontForge SFD File Parser heap-based overflow (ZDI-25-1192)

A vulnerability categorized as critical has been discovered in FontForge. Affected by this issue is some unknown functionality of the component SFD File Parser. The manipulation results in heap-based buffer overflow.

This vulnerability is cataloged as CVE-2025-15272. The attack may be launched remotely. There is no exploit available.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.VulDB Recent EntriesRead More