CNNVD-202601-2967 Information

CNNVD ID

CNNVD-202601-2967

Related CVE

CVE-2025-15533

• CNNVD Published: 2026-01-18

Description (Chinese)

raylib是raysan5个人开发者的一个简单易用的库，可以享受视频游戏编程。 raylib 909f040及之前版本存在安全漏洞，该漏洞源于src/rtext.c文件中GenImageFontAtlas函数存在堆缓冲区溢出，可能导致本地攻击。

Description (English)

Raylib is an easy-to-use library for Raysan5 individual developers and can benefit from video game programming. There is a security loophole in the Raylib 909f040 and earlier versions, which stems from the spilling of the GenImageFont Atlas function in document src/rtext.c, which could lead to local attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-18

Last Modified

2026-02-24

References

https://github.com/oneafter/1224/blob/main/hbf2 https://github.com/raysan5/raylib/commit/5a3391fdce046bc5473e52afbd835dd2dc127146 https://github.com/raysan5/raylib/issues/5433 https://github.com/raysan5/raylib/pull/5450 https://vuldb.com/?ctiid.341705 https://vuldb.com/?id.341705 https://vuldb.com/?submit.733341 https://vuldb.com/?submit.733342

Patch

https://www.raylib.com/