{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-69720", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-19T14:52:32.368Z", "dateReserved": "2026-01-09T00:00:00.000Z", "datePublished": "2026-03-19T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-19T14:52:32.368Z"}, "descriptions": [{"lang": "en", "value": "ncurses v6.5 and v6.4 are vulnerable to Buffer Overflow in progs/infocmp.c, function analyze_string()."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://marc.info/?l=ncurses-bug&m=176539968328570&w=2"}, {"url": "https://marc.info/?l=ncurses-bug&m=176540731801330&w=2"}, {"url": "https://marc.info/?l=ncurses-bug&m=176545557728083&w=2"}, {"url": "https://github.com/Cao-Wuhui/CVE-2025-69720"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}, "dataVersion": "5.2"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "ncurses v6.5 and v6.4 are vulnerable to Buffer Overflow in progs/infocmp.c, function analyze_string()."}], "id": "CVE-2025-69720", "lastModified": "2026-03-20T13:39:46.493", "metrics": {}, "published": "2026-03-19T15:16:21.293", "references": [{"source": "[email protected]", "url": "https://github.com/Cao-Wuhui/CVE-2025-69720"}, {"source": "[email protected]", "url": "https://marc.info/?l=ncurses-bug&m=176539968328570&w=2"}, {"source": "[email protected]", "url": "https://marc.info/?l=ncurses-bug&m=176540731801330&w=2"}, {"source": "[email protected]", "url": "https://marc.info/?l=ncurses-bug&m=176545557728083&w=2"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.", "id": "2449037", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449037"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H", "status": "draft"}, "cwe": "CWE-120", "details": ["A flaw was found in ncurses. This vulnerability, a buffer overflow, exists within the `analyze_string()` function. An attacker could potentially exploit this to execute unauthorized code on the affected system, which might lead to a denial of service in the affected application, the corruption of data, or sensitive information being revealed to an attacker."], "name": "CVE-2025-69720", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "ncurses", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "ncurses", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "ncurses", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "ncurses", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ncurses", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2026-03-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-69720\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-69720\nhttps://github.com/Cao-Wuhui/CVE-2025-69720\nhttps://marc.info/?l=ncurses-bug&m=176539968328570&w=2\nhttps://marc.info/?l=ncurses-bug&m=176540731801330&w=2\nhttps://marc.info/?l=ncurses-bug&m=176545557728083&w=2"], "threat_severity": "Moderate"}