CVE-2025-61842

Published Nov 11, 2025

Last updated 7 months ago

CVSS medium 5.5

Overview

Description: Format Plugins versions 1.1.1 and earlier are affected by a Use After Free vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Source: psirt@adobe.com
NVD status: Analyzed
Products: format_plugins

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

psirt@adobe.com: CWE-416

Hype score: Not currently trending

CVE-2025-61842 Use After Free Vulnerability in Format Plugins 1.1.1 Enabling Memory Information Disclosure https://t.co/HrkcdQhIed
@VulmonFeeds
11 Nov 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:adobe:format_plugins:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "9FE89744-A347-4449-8733-D54CA0E25723",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References