Description
An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed.
Published: 2026-05-12
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an out-of-bounds read that can be triggered when the affected software parses a specially crafted VC6 file. The read can expose sensitive data and, in certain circumstances, lead to execution of arbitrary code, which puts confidentiality, integrity, and availability at high risk.

Affected Systems

Affected products include Ashlar‑Vellum Argon, Ashlar‑Vellum Cobalt, Ashlar‑Vellum Cobalt Share, Ashlar‑Vellum Lithium, and Ashlar‑Vellum Xenon. All versions up to and including build 12.6.1204.216 are affected; upgrades to build 12.6.1204.217 or later are required.

Risk and Exploitability

The CVSS score of 8.4 indicates significant severity. The EPSS score is undefined, so the current probability of exploitation is unknown, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires the attacker to provide a malicious VC6 file that the vulnerable software will parse, so the attack vector is likely local or via a network path that delivers that file to the system.

Generated by OpenCVE AI on May 12, 2026 at 22:40 UTC.

Remediation

Vendor Solution

Ashlar-Vellum recommends users update to build 12.6.1204.217 and later.


OpenCVE Recommended Actions

  • Apply the Ashlar‑Vellum update to build 12.6.1204.217 or later to eliminate the out‑of‑bounds read flaw.
  • Restrict the ability of untrusted users to place VC6 files in locations examined by the affected products; consider implementing file‑type validation or sandboxing for file parsing processes.
  • Ensure the principle of least privilege is enforced on systems that run the vulnerable applications, limiting the damage that could result if arbitrary code is executed.

Generated by OpenCVE AI on May 12, 2026 at 22:40 UTC.

Advisories

No advisories yet.

History

Thu, 14 May 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared:
  • Ashlar
  • Ashlar argon
  • Ashlar cobalt
  • Ashlar cobalt Share
  • Ashlar lithium
  • Ashlar xenon
CPEs:
  • cpe:2.3:a:ashlar:argon:*:*:*:*:*:*:*:*
  • cpe:2.3:a:ashlar:cobalt:*:*:*:*:*:*:*:*
  • cpe:2.3:a:ashlar:cobalt_share:*:*:*:*:*:*:*:*
  • cpe:2.3:a:ashlar:lithium:*:*:*:*:*:*:*:*
  • cpe:2.3:a:ashlar:xenon:*:*:*:*:*:*:*:*
Vendors & Products:
  • Ashlar
  • Ashlar argon
  • Ashlar cobalt
  • Ashlar cobalt Share
  • Ashlar lithium
  • Ashlar xenon
Metrics: cvssV3_1
  {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}


Wed, 13 May 2026 11:00:00 +0000

Type Values Removed Values Added
First Time appeared:
  • Ashlar Vellum
  • Ashlar Vellum argon
  • Ashlar Vellum cobalt
  • Ashlar Vellum cobalt Share
  • Ashlar Vellum lithium
  • Ashlar Vellum xenon
Vendors & Products:
  • Ashlar Vellum
  • Ashlar Vellum argon
  • Ashlar Vellum cobalt
  • Ashlar Vellum cobalt Share
  • Ashlar Vellum lithium
  • Ashlar Vellum xenon

Tue, 12 May 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics: ssvc
  {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 12 May 2026 21:00:00 +0000

Type Values Removed Values Added
Description: An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed.
Title: Out-of-bounds read in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share
Weaknesses: CWE-125
References:
Metrics: cvssV4_0
  {'score': 8.4, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2026-05-12T21:12:27.588Z

Reserved: 2025-11-17T16:43:44.055Z

Link: CVE-2025-65088

Vulnrichment

Updated: 2026-05-12T21:12:22.864Z

NVD

Status: Analyzed

Published: 2026-05-12T21:16:13.700

Modified: 2026-05-14T14:57:14.227

Link: CVE-2025-65088

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-13T10:35:46Z

Weaknesses