CVE-2019-25327

CRITICAL 9.8

Prime95 Version 29.8 build 6 - Buffer Overflow (SEH)

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

0th

Prime95 version 29.8 build 6 contains a buffer overflow vulnerability in the user ID input field that allows remote attackers to execute arbitrary code. Attackers can craft a malicious payload and paste it into the PrimeNet user ID and proxy host fields to trigger a bind shell on port 3110.

CWE	CWE-122
Vendor	mersenne research, inc
Product	prime95
Published	Feb 12, 2026
Last Updated	Mar 5, 2026

Stay Ahead of the Next One

Get instant alerts for mersenne research, inc prime95

Be the first to know when new critical vulnerabilities affecting mersenne research, inc prime95 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Mersenne Research, Inc / Prime95

29.8

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/47802 mersenne.org: https://www.mersenne.org vulncheck.com: https://www.vulncheck.com/advisories/prime-version-build-buffer-overflow-seh

Credits

Achilles