  • Cybersecurity Vulnerabilities

    CVE-2025-58479: Critical Out-of-Bounds Read in Samsung Image Codec Library

    Overview: CVE-2025-58479 describes a medium-severity out-of-bounds read vulnerability found in libimagecodec.quram.so, a library used by Samsung devices for image processing. This vulnerability, present in versions prior to SMR Dec-2025 Release 1, could allow remote attackers to potentially access sensitive information by reading memory outside the intended boundaries. This article provides a detailed analysis of the vulnerability, its potential impact, and mitigation strategies.

    Technical Details: The vulnerability stems from insufficient bounds checking within the libimagecodec.quram.so library when processing crafted image files. Specifically, when handling certain image formats, the library may attempt to read data beyond the allocated buffer. This out-of-bounds read…

  • Cybersecurity Vulnerabilities

    CVE-2025-58478: Critical Out-of-Bounds Write Vulnerability in Samsung Image Codec

    Overview: CVE-2025-58478 is a medium-severity vulnerability affecting Samsung devices due to an out-of-bounds write in the libimagecodec.quram.so library. This vulnerability allows remote attackers to potentially access memory outside of the intended bounds, leading to unpredictable behavior and potential security breaches. The issue is addressed in the SMR Dec-2025 Release 1.

    Technical Details: The vulnerability resides in the libimagecodec.quram.so library, which is responsible for handling image decoding operations on Samsung devices. An attacker can trigger an out-of-bounds write by providing a specially crafted image file that exploits a flaw in the library’s memory management or bounds checking. Successful exploitation allows the…

  • Cybersecurity Vulnerabilities

    CVE-2025-58477: Critical Image Processing Vulnerability Exposes Samsung Devices

    Overview: CVE-2025-58477 is a security vulnerability affecting Samsung devices. It involves an out-of-bounds write error in the libimagecodec.quram.so library, specifically during the parsing of IFD (Image File Directory) tags. This vulnerability, if exploited, could allow remote attackers to potentially access memory outside of allocated buffers, leading to code execution or denial of service. The vulnerability affects devices with versions of libimagecodec.quram.so prior to the SMR (Security Maintenance Release) of December 2025 Release 1.

    Technical Details: The vulnerability stems from improper bounds checking within the libimagecodec.quram.so library when processing IFD tags within image files. An attacker could craft a malicious image…

  • Cybersecurity Vulnerabilities

    CVE-2025-58476: Critical Bootloader Flaw Exposes Sensitive Memory

    Overview: CVE-2025-58476 is a medium-severity vulnerability affecting a bootloader in certain devices. This vulnerability allows a physical attacker to potentially read data from memory locations outside of the intended boundaries. Successfully exploiting this flaw could give attackers access to sensitive information stored in memory. The vulnerability was discovered and addressed in the Security Maintenance Release (SMR) of December 2025, Release 1.

    Technical Details: The vulnerability is an out-of-bounds read. This means the bootloader code attempts to access a memory location outside of the allocated buffer or data structure. This can happen due to various programming errors, such as incorrect indexing…

  • Cybersecurity Vulnerabilities

    CVE-2025-58475: Unveiling the Out-of-Bounds Write Vulnerability in Samsung’s libsec-ril.so

    Overview: CVE-2025-58475 is a medium-severity vulnerability affecting the libsec-ril.so library in Samsung devices. This vulnerability, discovered and patched in the SMR Dec-2025 Release 1, stems from improper input validation, allowing a local privileged attacker to potentially write out-of-bounds memory. This could lead to a variety of security issues, including denial of service or even arbitrary code execution in privileged contexts.

    Technical Details: The vulnerability lies within the libsec-ril.so library, which is likely involved in radio interface layer (RIL) functionality on Samsung devices. The specifics of the vulnerable code path aren’t publicly detailed beyond the provided description. However, the core…

  • Cybersecurity Vulnerabilities

    CVE-2025-55129: Revive Adserver Still Vulnerable to Impersonation Attacks

    Overview: CVE-2025-55129 describes a username handling vulnerability in Revive Adserver that allows for impersonation attacks. Discovered by HackerOne community members, this vulnerability persists despite previous attempts to fix similar issues (CVE-2025-52672). The core issue stems from the ability to create user accounts with usernames that visually resemble existing accounts, primarily through the use of homoglyphs (characters that look similar to others).

    Technical Details: Following the attempted fix for CVE-2025-52672, Kassem S. (kassem_s94) discovered alternate techniques to exploit the username handling within Revive Adserver. The vulnerability lies in the insufficient sanitization or validation of usernames during account creation and login. Attackers can…

  • Cybersecurity Vulnerabilities

    CVE-2025-21080: Samsung Dynamic Lockscreen Vulnerability Allows Unauthorized File Access

    Overview: CVE-2025-21080 is a medium-severity vulnerability affecting Samsung devices that utilize the Dynamic Lockscreen feature. This vulnerability stems from an improper export of Android application components within the Dynamic Lockscreen application. Specifically, it allows a local attacker to potentially gain access to files with the Dynamic Lockscreen application’s privileges, potentially exposing sensitive user data or system information.

    Technical Details: The root cause of this vulnerability lies in the insufficient access control applied to exported components within the Dynamic Lockscreen application. The improper export allows other applications (including malicious ones installed locally by the user, or with escalated privileges) to…

  • Cybersecurity Vulnerabilities

    CVE-2025-21072: Critical Out-of-Bounds Write Flaw Detected in Samsung Fingerprint Trustlet

    Overview: CVE-2025-21072 is a medium-severity vulnerability affecting Samsung devices. This vulnerability stems from an out-of-bounds write issue within the fingerprint trustlet’s metadata decoding process. A local attacker with elevated privileges could exploit this flaw to overwrite memory beyond the allocated buffer, potentially leading to code execution or denial of service.

    Technical Details: The vulnerability lies in the way the fingerprint trustlet handles metadata. Specifically, during the decoding of fingerprint metadata, insufficient bounds checking allows an attacker to craft malicious metadata that can cause a write operation to extend beyond the intended buffer. This out-of-bounds write can corrupt adjacent memory regions,…

  • Cybersecurity Vulnerabilities

    CVE-2025-66448: Critical Remote Code Execution Vulnerability in vLLM

    Overview: CVE-2025-66448 identifies a critical remote code execution (RCE) vulnerability in vLLM, an inference and serving engine for large language models (LLMs). This vulnerability affects versions prior to 0.11.1. It allows an attacker to execute arbitrary code on a victim’s machine by exploiting a flaw in how vLLM handles model configurations, specifically when using the `auto_map` feature within the `Nemotron_Nano_VL_Config` class.

    Technical Details: The vulnerability stems from the way vLLM loads model configurations that contain an `auto_map` entry. When vLLM encounters this entry, the configuration class attempts to resolve the mapping using the `get_class_from_dynamic_module(…)` function. This function fetches and immediately…

  • Cybersecurity Vulnerabilities

    CVE-2025-66415: Critical Route Bypass Vulnerability in Fastify-Reply-From

    Overview: CVE-2025-66415 describes a route bypass vulnerability found in fastify-reply-from, a Fastify plugin used to forward HTTP requests to other servers. Prior to version 12.5.0, a malicious actor could craft a specific URL that bypassed intended route restrictions. This would allow unauthorized access to routes that should have been protected by the defined reply.from configurations. This issue has been resolved in version 12.5.0 of the plugin.

    Technical Details: The vulnerability stems from insufficient validation of the request URL when using reply.from to proxy requests. An attacker could manipulate the URL in a way that circumvents the route matching logic, effectively…