CVE-2025-9688

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-9688
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-9688.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-9688
Downstream
Related
Published
2025-08-30T13:15:34.397Z
Modified
2026-04-10T05:37:51.641867Z
Severity
  • 1.3 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator
Summary
[none]
Details

A security vulnerability has been detected in Mupen64Plus up to 2.6.0. The affected element is the function writeisviewer of the file src/device/cart/is_viewer.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is described as difficult. The exploit has been disclosed publicly and may be used. The identifier of the patch is 3984137fc0c44110f1ef876adb008885b05a6e18. To fix this issue, it is recommended to deploy a patch.

References

Affected packages

Git / github.com/mupen64plus/mupen64plus-core

Affected ranges

Type
GIT
Repo
https://github.com/mupen64plus/mupen64plus-core
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
3984137fc0c44110f1ef876adb008885b05a6e18

Affected versions

1.*
1.99.1
1.99.2
1.99.3
1.99.4
1.99.5
2.*
2.0
2.0-rc2
2.0-rc3
2.5
2.5.9
2.6.0
v1.*
v1.999-milestone-1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-9688.json"