Vulnerability Description
Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Freedesktop | Poppler | < 25.06.0 |
References
- https://gitlab.freedesktop.org/poppler/poppler/-/commit/04bd91684ed41d67ae0f10cd (Patch)
- https://gitlab.freedesktop.org/poppler/poppler/-/commit/ac36affcc8486de38e8905a8 (Patch)
- https://gitlab.freedesktop.org/poppler/poppler/-/issues/1581 (Exploit, Issue Tracking, Vendor Advisory)
- https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1828 (Product)
- https://securitylab.github.com/advisories/GHSL-2025-054_poppler/ (Exploit, Third Party Advisory)
- http://www.openwall.com/lists/oss-security/2025/07/11/5
- http://www.openwall.com/lists/oss-security/2025/07/12/1
FAQ
What is CVE-2025-52886?
CVE-2025-52886 is a vulnerability with a CVSS score of 5.9 (MEDIUM). Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count an...
How severe is CVE-2025-52886?
CVE-2025-52886 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2025-52886?
Check the references section above for vendor advisories and patch information. Affected products include: Freedesktop Poppler.