โ† Back to Dashboard

CVE-2025-71316

CRITICAL NVD
CVSS Score
9.8
Severity
CRITICAL
Source
NVD
Published
Jun 04, 2026
Description

SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being misinterpreted as command line options. Fixed on or around 2025-12-26.

View Full Details โ† Back