CVE-2025-14308 CRITICAL

CVE-2025-14308: Integer Overflow in Robocode's Buffer Write Method

Vendor: Robocode Project
Product: Robocode
Weakness: CWE-190
Published: December 9, 2025
Last update: December 9, 2025

CVSS base score

10.0/10
Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:D/RE:M/U:Red

What the vulnerability does

01 Description

An integer overflow vulnerability exists in the write method of the Buffer class in Robocode version 1.9.3.6. The method fails to properly validate the length of the data being written, so an attacker who submits specially crafted input that manipulates the data length can cause an overflow, potentially leading to a buffer overflow and arbitrary code execution.

Key dates

02 Disclosure timeline

December 9, 2025 CVE published
December 9, 2025 Record updated