CVE-2018-25299

HIGH 8.4

Prime95 29.4b8 Local Buffer Overflow via SEH

CVSS Score

8.4

EPSS Score

0.0%

EPSS Percentile

0th

Prime95 29.4b8 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling (SEH) mechanisms. Attackers can inject malicious payload through the optional proxy hostname field in the PrimeNet connection settings to trigger the overflow and execute system commands.

CWE	CWE-120
Vendor	mersenne
Product	prime95
Published	Apr 29, 2026

Stay Ahead of the Next One

Get instant alerts for mersenne prime95

Be the first to know when new high vulnerabilities affecting mersenne prime95 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Mersenne / Prime95

29.4b8

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/44649 mersenne.org: https://www.mersenne.org/ mersenne.org: https://www.mersenne.org/download/#download vulncheck.com: https://www.vulncheck.com/advisories/prime95-29-4b8-local-buffer-overflow-via-seh

Credits

crash_manucoot