CVE-2025-27363: FreeType Out-of-Bounds Write Vulnerability
FreeType contains an out-of-bounds write vulnerability when attempting to parse font subglyph structures related to TrueType GX and variable font files that may allow for arbitrary code execution.
- CISA KEV-listed (remediation due 2025-05-27)
- EPSS 70.3% (98.7th percentile)