2430670 – (CVE-2025-15536) CVE-2025-15536 opencc: OpenCC: Heap-based buffer overflow in MaxMatchSegmentation function allows local attackers to impact system integrity.

Bug 2430670 (CVE-2025-15536) - CVE-2025-15536 opencc: OpenCC: Heap-based buffer overflow in MaxMatchSegmentation function allows local attackers to impact system integrity.

Summary: CVE-2025-15536 opencc: OpenCC: Heap-based buffer overflow in MaxMatchSegmenta...

Keywords:
Status:	NEW
Alias:	CVE-2025-15536
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2430837 2430838 2430839
Blocks:
TreeView+	depends on / blocked

Reported:	2026-01-18 10:01 UTC by OSIDB Bzimport
Modified:	2026-01-19 14:28 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-01-18 10:01:15 UTC

A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. Patch name: 345c9a50ab07018f1b4439776bad78a0d40778ec. To fix this issue, it is recommended to deploy a patch.

Note You need to log in before you can comment on or make changes to this bug.