Home > Vulnerability Database > CVE-2025-11015

Mend.io Vulnerability Database

CVE-2025-11015

Date: September 26, 2025

A weakness has been identified in OGRECave Ogre up to 14.4.1. Impacted is the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp. This manipulation causes mismatched memory management routines. The attack is restricted to local execution. The exploit has been made available to the public and could be exploited.

Severity Score

7.7

Related Resources (7)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-11015

Url: https://vuldb.com/?submit.654340

Url: https://github.com/OGRECave/ogre/issues/3446

Url: https://vuldb.com/?ctiid.325958

Url: https://github.com/user-attachments/files/22328216/poc.zip

Url: https://vuldb.com/?id.325958

Url: https://www.mend.io/vulnerability-database/CVE-2025-11015

Severity Score

7.7

Weakness Type (CWE)

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-119

Mismatched Memory Management Routines

CWE-762

CVSS v3.1

Base Score:	7.7
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-11015

Date: September 26, 2025

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?