AI description
CVE-2025-27363 is an out-of-bounds write in FreeType versions 2.13.0 and earlier, reached while parsing font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value; a negative short sign-extends to a value near the top of the unsigned range, so the addition wraps around and the heap buffer allocated from the result is too small. The code then writes up to 6 signed long integers out of bounds relative to that undersized buffer, which can lead to arbitrary code execution. It has been reported that this vulnerability may have been exploited in the wild.
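The integer wrap-around the description refers to, shown as an added example in C. This is an illustration written for this page, not FreeType's code: the constants EXTRA_ENTRIES and HEADER_ENTRIES are hypothetical (the latter borrows the advisory's figure of six entries), the sample count field is constructed, and the hardened variant uses the GCC/Clang __builtin_add_overflow and __builtin_mul_overflow builtins.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical constants for this model (not FreeType's): the static value
 * added to the parsed count, and the fixed number of entries the parser
 * writes after allocating. The latter uses the advisory's figure of six. */
#define EXTRA_ENTRIES  4
#define HEADER_ENTRIES 6

/* Read a big-endian signed 16-bit field as a TrueType table stores it.
 * Returns 0 on success, -1 if the buffer is too short. */
int read_be_s16(const unsigned char *buf, size_t len, size_t off, short *out)
{
    if (len < 2 || off > len - 2)
        return -1;
    *out = (short)(uint16_t)((buf[off] << 8) | buf[off + 1]);
    return 0;
}

/* The arithmetic the advisory describes: the signed short is assigned to an
 * unsigned long, then a constant is added. A negative count sign-extends to
 * a value near ULONG_MAX and the addition wraps, so the result is tiny. */
unsigned long vulnerable_entry_count(short count)
{
    unsigned long n = count;          /* -4 becomes ULONG_MAX - 3 */
    return n + EXTRA_ENTRIES;         /* ULONG_MAX - 3 + 4 wraps to 0 */
}

/* How many of the HEADER_ENTRIES fixed writes would land past the end of a
 * buffer sized from vulnerable_entry_count(). With count = -4 the buffer
 * holds 0 longs and all 6 writes are out of bounds. */
unsigned long oob_longs_written(short count)
{
    unsigned long allocated = vulnerable_entry_count(count);
    return allocated >= HEADER_ENTRIES ? 0 : HEADER_ENTRIES - allocated;
}

/* Hardened form: reject negative counts before widening, and use checked
 * arithmetic (GCC/Clang builtins) for the element count and byte size.
 * Returns 0 and fills *entries/*bytes on success, -1 on any overflow or
 * on a buffer that could not hold the fixed writes. */
int safe_entry_count(short count, unsigned long *entries, size_t *bytes)
{
    if (count < 0)
        return -1;
    unsigned long n = (unsigned long)count;
    unsigned long total;
    size_t size;
    if (__builtin_add_overflow(n, (unsigned long)EXTRA_ENTRIES, &total))
        return -1;
    if (total < HEADER_ENTRIES)       /* buffer must cover the fixed writes */
        return -1;
    if (__builtin_mul_overflow(total, sizeof(long), &size))
        return -1;
    *entries = total;
    *bytes = size;
    return 0;
}

int main(void)
{
    /* Constructed sample table: a benign count of 2 followed by a count
     * field of 0xFFFC, i.e. -4, as a malicious font could carry it. */
    const unsigned char table[] = { 0x00, 0x02, 0xFF, 0xFC };
    short counts[2];
    if (read_be_s16(table, sizeof table, 0, &counts[0]) != 0 ||
        read_be_s16(table, sizeof table, 2, &counts[1]) != 0)
        return 1;

    for (int i = 0; i < 2; i++) {
        unsigned long entries;
        size_t bytes;
        printf("count=%d: vulnerable path allocates %lu longs, %lu header writes OOB; ",
               counts[i], vulnerable_entry_count(counts[i]),
               oob_longs_written(counts[i]));
        if (safe_entry_count(counts[i], &entries, &bytes) == 0)
            printf("hardened path allocates %lu longs (%zu bytes)\n", entries, bytes);
        else
            printf("hardened path rejects the font\n");
    }
    return 0;
}
```

The two points a practitioner should take from this: adding a small positive constant to an unsigned long can only wrap when the value being widened was negative, so the sign check before the widening conversion is the fix that removes the bug class, and the allocation size must be derived with checked arithmetic from the same quantity the later writes are bounded by.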
- Description
- An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.
- Source
- cve-assign@fb.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.1
- Impact score
- 5.9
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- FreeType Out-of-Bounds Write Vulnerability
- Exploit added on
- May 6, 2025
- Exploit action due
- May 27, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-787
- Hype score
- Not currently trending
Israeli spyware maker Paragon Solutions used a zero-day in the FreeFont font-rendering library to deploy the Graphite spyware on Android devices. According to SecurityWeek, the zero-day was exploited via PDF files sent via WhatsApp. The zero-day (CVE-2025-27363) was patched in
@5tuxnet
23 Jun 2025
937 Impressions
2 Retweets
11 Likes
3 Bookmarks
1 Reply
0 Quotes
👨⚖️Qilin ransomware adds a "call a lawyer" feature to demand higher ransoms ⚠️FreeType zero-day vulnerability discovered by Meta was exploited in Paragon spyware attacks (CVE-2025-27363) ~Cyber
@MachinaRecord
23 Jun 2025
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
‼️Zero-day vulnerability in FreeType exploited in espionage attacks with the Paragon program. In a serious new development, Meta (owner of the WhatsApp app) announced it has linked a zero-day vulnerability in the FreeType library
@hiddenlockT
22 Jun 2025
143 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Remember when Meta published about an ITW FreeType OOB write vuln (CVE-2025-27363) in March? Turns out, Meta links this vuln to an exploit from spyware vendor Paragon https://t.co/ZhxbYHqccC
@billmarczak
20 Jun 2025
5468 Impressions
11 Retweets
27 Likes
9 Bookmarks
1 Reply
1 Quote
Meta's investigation uncovers CVE-2025-27363, a FreeType vulnerability exploited by Paragon spyware in Israel, Canada, and Singapore. The flaw allows remote code execution via heap buffer overflows. 🛡️ #FreeType #Spyware #Israel https://t.co/rpNtERL02m
@TweetThreatNews
20 Jun 2025
120 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[1day1line] CVE-2025-27363: FreeType- Out-of-Bounds Write Today's 1day1line is about an Out-of-Bounds Write vulnerability that occurred while processing subglyphs within a font in FreeType, an open source font rendering library! For more details, please check out the blog!👇
@hackyboiz
4 Jun 2025
1905 Impressions
8 Retweets
16 Likes
10 Bookmarks
1 Reply
0 Quotes
#Vulnerability #CVE202527363 CVE-2025-27363: Font Library FreeType Flaw Exploited in the Wild, Millions at Risk https://t.co/4mozA34kMC
@Komodosec
2 Jun 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-27363
@transilienceai
20 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-27363
@transilienceai
19 May 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#Pixel emergency update 🛡️ zero-day fix ✅ May security patch rolling out ✅ 28 fixes in one batch including CVE-2025-27363 ✅ Pixel 6 to 9a/Tablet covered ✅ Download now via Settings → System → System update ✅ No rollback after updating
@168_RAY_
17 May 2025
207 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-27363
@transilienceai
17 May 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-27363
@transilienceai
17 May 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
The last security update was in February this year. A flaw was found and flagged in March. @MotorolaBR 😕 * CVE-2025-27363 https://t.co/cYRnXj3ZjS
@jeiel_0rbit
12 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-27363
@transilienceai
12 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-27363: A zero-click RCE in FreeType exploited in the wild. Impacts Android, Linux, and major browsers. Discovered by Meta, patched by Google in May 2025. Update FreeType to v2.13.1+ immediately. #CVE202527363 #Android #FreeType #RCE #CyberSecurity https://t.co/2CqMiN1bUf
@stephan_fr9324
12 May 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-27363
@transilienceai
11 May 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#Android users: #Google just patched a serious zero-day (CVE-2025-27363) being actively exploited. Update your phone *immediately*. The bug lives in the FreeType library. https://t.co/5QgqlQYoZQ #zeroday
@top10vpn
11 May 2025
131 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-27363
@transilienceai
10 May 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Google has recently released the necessary patch and update for 57 vulnerabilities, the most important of which is an RCE-type vulnerability with identifier CVE-2025-27363. Phones that
@AmirHossein_sec
10 May 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
👩🏻💻CVE-2025-27363 – Android System Component Exploit Severity: High (CVSS 8.1) A flaw in Android’s System component enables local code execution without needing additional privileges. Google reported targeted exploitation of this vulnerability. Reference: https:
@miss_redhat
10 May 2025
22 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-27363
@transilienceai
10 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Google has released the May security update for Android, which includes fixes for 46 security vulnerabilities. One of these vulnerabilities, with identifier CVE-2025-27363 (with a CVSS score
@cybernetic_cy
10 May 2025
151 Impressions
2 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 In early May, Google released an Android system update that fixes a number of vulnerabilities, including the serious zero-day CVE-2025-27363. The bug in the FreeType rendering engine was an out-of-bounds write and could lead to arbitrary code execution. The second p
@AlefSecurity
9 May 2025
79 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-27363
@transilienceai
9 May 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
The open-source font engine FreeType was disclosed in March this year by Facebook's security team to have a major vulnerability, CVE-2025-27363, which was said to be possibly exploited. Google has now patched this vulnerability in the May Android routine update, noting there are signs that hackers have already used it in attack campaigns. Also worth mentioning, at the end of March Red H
@cheng527
9 May 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-27363
@transilienceai
8 May 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Google has released the May 2025 security updates for Android with fixes for 45 security flaws. Fixes include an actively exploited zero-click FreeType 2 code execution vulnerability, tracked as CVE-2025-27363, which is a high-severity arbitrary code execution bug https://t.co/ujMQv6jVGl h
@riskigy
8 May 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Multiple vulnerabilities in Samsung products ❗CVE-2025-27363 ❗CVE-2025-20957 ❗CVE-2025-20963 ➡️More info: https://t.co/dTeyFqc44S https://t.co/I6LfGMUYd9
@CERTpy
8 May 2025
100 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google has released a new security update for Android, addressing 46 security vulnerabilities, including a critical vulnerability that has been actively exploited (CVE-2025-27363)⚠️!! It is recommended to update your devices immediately to stay secure.
@almutamayiz99_
8 May 2025
408 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢Google has released an update fixing vulnerability CVE-2025-27363 on Android after attacks were detected #ThaiCERT #NCSA #CybersecurityNew Follow the news at https://t.co/HCsLrrY
@ThaiCERTByNCSA
8 May 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Out of bounds write vulnerability in FreeType versions 2.13.0 and below (CVE-2025-27363) #CVE202527363 #CyberSecurity #FreeType #OutofBoundsWriteVulnerability https://t.co/1whSMRDlxG https://t.co/t8sTC5U8qD
@SystemTek_UK
8 May 2025
40 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#threatreport #LowCompleteness Android's May 2025 Update Tackles CVE-2025-27363 & More Langflow & MagicINFO Exploited, Kibana at Risk | 07-05-2025 Source: https://t.co/TvKLF2hmm7 Key details below ↓ 💀Threats: Mirai, 🎯Victims: Android, Langflow, Samsung magicinfo,
@rst_cloud
8 May 2025
61 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-27363
@transilienceai
8 May 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
FreeType zero-day vulnerability (CVE-2025-27363) fixed in Android's regular update #セキュリティ対策Lab #セキュリティ #Security https://t.co/aIzkUWMa8D
@securityLab_jp
7 May 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#TusksUp 🧵1/ URGENT: Android Zero-Day Exploited in the Wild Google just patched CVE-2025-27363 — a critical Android System flaw that's already being used by attackers. If you’re using an Android device, read this now. 👇
@byte_lock
7 May 2025
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🔐 Android Users: Critical Security Update Released Google has rolled out the May 2025 Android security update, addressing 47 vulnerabilities, including an actively exploited zero-day flaw (CVE-2025-27363). This update is crucial for protecting your device against potential ht
@Synergycorpp
7 May 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 One malicious font file could compromise your entire device and you’d never know Google just patched CVE-2025-27363 in its May 2025 Android security update. It’s a critical vulnerability already being exploited in the wild. https://t.co/mJfJQ7H5t8
@efani
7 May 2025
316 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-27363
@transilienceai
7 May 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Google's May 2025 Android Security Bulletin patches 46 vulnerabilities, including the active exploit CVE-2025-27363, a local code execution flaw. Timely updates are crucial for device security. 🔒 #Android #SecurityUpdate #USA https://t.co/6s4tw6tI6N
@TweetThreatNews
7 May 2025
83 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited #FreeType flaw fixed in #Android (#CVE-2025-27363) https://t.co/GxDrbyrbq9
@ScyScan
7 May 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google fixes actively exploited FreeType flaw in Android (CVE-2025-27363) https://t.co/rHkRyGTKHU #Security #セキュリティ #ニュース
@SecureShield_
7 May 2025
33 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-27363 #FreeType Out-of-Bounds Write Vulnerability https://t.co/0l3MQxdjQn
@ScyScan
6 May 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Android Alert! Google patches CVE-2025-27363, a critical FreeType vulnerability actively exploited in the wild. 🔧 Found by Facebook 📱 Affects millions of Android devices ⚠️ Update to May 2025 patch now! 🔗https://t.co/hzla5CXtGV #Android #CVE202527363 #CyberSecur
@cybrhoodsentinl
6 May 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Update your Android NOW! 🚨 Google fixes the actively exploited vulnerability CVE-2025-27363, which allows code execution without user interaction. 📱 Affects FreeType on Android 13-15. Install the May 2025 patch (level 2025-05-05) to protect yourself. #AndroidSecurity h
@GeosbanysC
6 May 2025
30 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added a FreeType out-of-bounds write vulnerability CVE-2025-27363 to our Known Exploited Vulnerabilities Catalog. Visit Redirect to https://t.co/bJOgGeWmb8 & apply mitigations to protect your org from cyberattacks. https://t.co/2nABOzt2eB
@CISACyber
6 May 2025
5011 Impressions
15 Retweets
25 Likes
1 Bookmark
0 Replies
2 Quotes
SunsetHost Hacker News Report: Google Addresses Critical Android Vulnerability CVE-2025-27363 in May 2025 Security Update https://t.co/FDqXtU2Nrb https://t.co/mj3RFfmlvw
@DonELichterman
6 May 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Google just fixed a major Android flaw! CVE-2025-27363 lets hackers run code without your action. 📲 Update your Android now! #CyberSecurity #HoplonInfosec #AndroidSecurity #Google #CVE202527363 #Android https://t.co/1LUshMXgyQ
@HoplonInfosec
6 May 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Android Flaw Exploited in the Wild - Google Urges Users to Update ASAP Google just released its May 2025 Android security update, patching 46 vulnerabilities - including one that’s already being actively exploited. 📌 The critical flaw: - CVE-2025-27363 (CVSS 8.1) - F
@efani
6 May 2025
287 Impressions
1 Retweet
2 Likes
0 Bookmarks
1 Reply
0 Quotes
Update ASAP: Google Fixes Android #flaw (#CVE-2025-27363) Exploited by Attackers https://t.co/tZOpn8MXDu
@AdliceSoftware
6 May 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Update ASAP: Google fixes Android flaw (CVE-2025-27363) exploited by attackers https://t.co/liH7ZqIf3r
@sabatage
6 May 2025
278 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "47088474-E5B5-4220-8F12-D664F2DED5C1",
"versionEndIncluding": "2.13.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
],
"operator": "OR"
}
]
}
]