Security News > 2025 > March > Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk
2025-03-13 07:13
Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild. The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicating high severity. Described as an out-of-bounds write flaw, it could be exploited to achieve remote code execution when parsing certain font
News URL
https://thehackernews.com/2025/03/meta-warns-of-freetype-vulnerability.html
Related news
- CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation (source)
- WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) (source)
- FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) (source)
- OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- CVE fallout: The splintering of the standard vulnerability tracking system has begun (source)
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610) (source)