CVE-2025-15277 | FontForge SGI File Parser heap-based overflow (ZDI-25-1186)


A vulnerability classified as critical has been found in FontForge. It affects an unknown function of the SGI File Parser component. The manipulation leads to a heap-based buffer overflow.

This vulnerability is tracked as CVE-2025-15277. The attack can be initiated remotely. There is no exploit available.
