Home > Vulnerability Database > CVE-2025-9688

Mend.io Vulnerability Database

CVE-2025-9688

Good to know:

Date: August 30, 2025

A security vulnerability has been detected in Mupen64Plus up to 2.6.0. The affected element is the function write_is_viewer of the file src/device/cart/is_viewer.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is described as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity Score

8.1

Related Resources (8)

Url: https://security-tracker.debian.org/tracker/CVE-2025-9688

Url: https://github.com/mupen64plus/mupen64plus-core/commit/3984137fc0c44110f1ef876adb008885b05a6e18

Url: https://github.com/Giles-one/mupen64plusEscape/tree/main/BUG10

Url: https://vuldb.com/?submit.638592

Url: https://vuldb.com/?ctiid.321900

Url: https://vuldb.com/?id.321900

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-9688

Url: https://www.mend.io/vulnerability-database/CVE-2025-9688

Severity Score

8.1

Weakness Type (CWE)

Integer Overflow or Wraparound

CWE-190

Numeric Errors

CWE-189

Top Fix

Upgrade Version

Upgrade to version https://github.com/mupen64plus/mupen64plus-core.git - no_fix

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-9688

Good to know:

Date: August 30, 2025

Severity Score

Related Resources (8)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?