{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-59418", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-09-15T19:13:16.904Z", "datePublished": "2025-09-22T18:02:45.984Z", "dateUpdated": "2025-09-22T18:21:35.922Z"}, "containers": {"cna": {"title": "BunnyPad Vulnerable to Buffer Overflow When Opening Files of Size 20MB or Greater", "problemTypes": [{"descriptions": [{"cweId": "CWE-770", "lang": "en", "description": "CWE-770: Allocation of Resources Without Limits or Throttling", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/GSYT-Productions/BunnyPad-SRC/security/advisories/GHSA-qhw4-c7x5-vxmj", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/GSYT-Productions/BunnyPad-SRC/security/advisories/GHSA-qhw4-c7x5-vxmj"}, {"name": "https://github.com/GSYT-Productions/BunnyPad-SRC/commit/d9224eb5e13c24ac148a77dff93e53c21f066533", "tags": ["x_refsource_MISC"], "url": "https://github.com/GSYT-Productions/BunnyPad-SRC/commit/d9224eb5e13c24ac148a77dff93e53c21f066533"}], "affected": [{"vendor": "GSYT-Productions", "product": "BunnyPad-SRC", "versions": [{"version": "< 11.0.27000.0915", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-09-22T18:03:17.749Z"}, "descriptions": [{"lang": "en", "value": "BunnyPad is a note taking software. Prior to version 11.0.27000.0915, opening files greater than or equal to 20MB causes buffer overflow to occur. This issue has been patched in version 11.0.27000.0915. Users who wish not to upgrade should refrain from opening files larger than 10MB."}], "source": {"advisory": "GHSA-qhw4-c7x5-vxmj", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-22T18:21:25.012157Z", "id": "CVE-2025-59418", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-22T18:21:35.922Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-59418", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-22T18:21:25.012157Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-22T18:21:28.504Z"}}], "cna": {"title": "BunnyPad Vulnerable to Buffer Overflow When Opening Files of Size 20MB or Greater", "source": {"advisory": "GHSA-qhw4-c7x5-vxmj", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "GSYT-Productions", "product": "BunnyPad-SRC", "versions": [{"status": "affected", "version": "< 11.0.27000.0915"}]}], "references": [{"url": "https://github.com/GSYT-Productions/BunnyPad-SRC/security/advisories/GHSA-qhw4-c7x5-vxmj", "name": "https://github.com/GSYT-Productions/BunnyPad-SRC/security/advisories/GHSA-qhw4-c7x5-vxmj", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/GSYT-Productions/BunnyPad-SRC/commit/d9224eb5e13c24ac148a77dff93e53c21f066533", "name": "https://github.com/GSYT-Productions/BunnyPad-SRC/commit/d9224eb5e13c24ac148a77dff93e53c21f066533", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "BunnyPad is a note taking software. Prior to version 11.0.27000.0915, opening files greater than or equal to 20MB causes buffer overflow to occur. This issue has been patched in version 11.0.27000.0915. Users who wish not to upgrade should refrain from opening files larger than 10MB."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770: Allocation of Resources Without Limits or Throttling"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-09-22T18:03:17.749Z"}}}, "cveMetadata": {"cveId": "CVE-2025-59418", "state": "PUBLISHED", "dateUpdated": "2025-09-22T18:21:35.922Z", "dateReserved": "2025-09-15T19:13:16.904Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-09-22T18:02:45.984Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "BunnyPad is a note taking software. Prior to version 11.0.27000.0915, opening files greater than or equal to 20MB causes buffer overflow to occur. This issue has been patched in version 11.0.27000.0915. Users who wish not to upgrade should refrain from opening files larger than 10MB."}], "id": "CVE-2025-59418", "lastModified": "2025-09-22T21:22:33.590", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-09-22T18:15:46.740", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/GSYT-Productions/BunnyPad-SRC/commit/d9224eb5e13c24ac148a77dff93e53c21f066533"}, {"source": "security-advisories@github.com", "url": "https://github.com/GSYT-Productions/BunnyPad-SRC/security/advisories/GHSA-qhw4-c7x5-vxmj"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "BunnyPad: BunnyPad Vulnerable to Buffer Overflow When Opening Files of Size 20MB or Greater", "id": "2397473", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397473"}, "csaw": false, "cwe": "CWE-770", "details": ["No description is available for this CVE."], "name": "CVE-2025-59418", "public_date": "2025-09-22T18:02:45Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-59418\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-59418\nhttps://github.com/GSYT-Productions/BunnyPad-SRC/commit/d9224eb5e13c24ac148a77dff93e53c21f066533\nhttps://github.com/GSYT-Productions/BunnyPad-SRC/security/advisories/GHSA-qhw4-c7x5-vxmj"], "threat_severity": "Moderate"}