CVE-2025-20260

CRITICAL 9.8

ClamAV PDF Scanning Buffer Overflow Vulnerability

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute arbitrary code on an affected device. This vulnerability exists because memory buffers are allocated incorrectly when PDF files are processed. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to trigger a buffer overflow, likely resulting in the termination of the ClamAV scanning process and a DoS condition on the affected software. Although unproven, there is also a possibility that an attacker could leverage the buffer overflow to execute arbitrary code with the privileges of the ClamAV process.

CWE	CWE-122
Vendor	cisco
Product	clamav
Ecosystems	Networking
Industries	NetworkingTelecommunications
Published	Jun 18, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for cisco clamav

Be the first to know when new critical vulnerabilities affecting cisco clamav are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Cisco / ClamAV

1.4.2 1.4.1 1.4.0 1.3.2 1.3.1 1.3.0 1.2.3 1.2.2 1.2.1 1.2.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

blog.clamav.net: https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/09/msg00006.html