CVE-2025-45525 Information

Description

A null pointer dereference vulnerability was discovered in microlight.js (version 0.0.7) a lightweight syntax highlighting library. When processing elements with non-standard CSS color values the library fails to validate the result of a regular expression match before accessing its properties leading to an uncaught TypeError and potential application crash.

Reference

https://gist.github.com/Rootingg/843368931f70886bed3cf982f10a4424

Related CNNVD

CNNVD-202506-2105 (Published: 2025-06-17)