CVE-2025-9688 LOW

CVE-2025-9688: Mupen64Plus is_viewer.c write_is_viewer integer overflow

Vendor N/A
Product Mupen64Plus
Weakness CWE-190
Published August 30, 2025
Last update September 2, 2025

CVSS base score

2.3/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A security vulnerability has been detected in Mupen64Plus up to 2.6.0. The affected element is the function write_is_viewer of the file src/device/cart/is_viewer.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is described as difficult. The exploit has been disclosed publicly and may be used. The identifier of the patch is 3984137fc0c44110f1ef876adb008885b05a6e18. To fix this issue, it is recommended to deploy a patch.

Key dates

02Disclosure timeline

August 30, 2025 CVE published
September 2, 2025 Record updated