Vulnerability Description
There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sqlite | Sqlite | < 3.50.2 |
Related Weaknesses (CWE)
References
- https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb2Patch
- http://seclists.org/fulldisclosure/2025/Sep/49
- http://seclists.org/fulldisclosure/2025/Sep/53
- http://seclists.org/fulldisclosure/2025/Sep/56
- http://seclists.org/fulldisclosure/2025/Sep/57
- http://seclists.org/fulldisclosure/2025/Sep/58
- http://www.openwall.com/lists/oss-security/2025/09/06/1
- https://cert-portal.siemens.com/productcert/html/ssa-225816.html
- https://cert-portal.siemens.com/productcert/html/ssa-485750.html
FAQ
What is CVE-2025-6965?
CVE-2025-6965 is a vulnerability with a CVSS score of 9.8 (CRITICAL). There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recomme...
How severe is CVE-2025-6965?
CVE-2025-6965 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-6965?
Check the references section above for vendor advisories and patch information. Affected products include: Sqlite Sqlite.