What is GHSA-9952-mrqj-h4jh?

GHSA-9952-mrqj-h4jh is a security advisory published by GitHub Security Advisories with Critical severity. ncurses v6.5 and v6.4 are vulnerable to Buffer Overflow in progs/infocmp.c, function...

Which CVE IDs does GHSA-9952-mrqj-h4jh cover?

GHSA-9952-mrqj-h4jh covers the following CVE IDs: CVE-2025-69720. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-9952-mrqj-h4jh?

GHSA-9952-mrqj-h4jh has a CVSS v3 base score of 9.8, published by GitHub Security Advisories.

GHSA-9952-mrqj-h4jhCriticalCVSS 9.8

ncurses v6.5 and v6.4 are vulnerable to Buffer Overflow in progs/infocmp.c, function...

Vendor

GitHub Security Advisories

Published

March 19, 2026

Last Modified

June 2, 2026

🔗 CVE IDs covered (1)

CVE-2025-69720 →

📋 Description

ncurses v6.5 and v6.4 are vulnerable to Buffer Overflow in progs/infocmp.c, function analyze_string().

🔗 References (9)

https://nvd.nist.gov/vuln/detail/CVE-2025-69720
https://github.com/Cao-Wuhui/CVE-2025-69720
https://marc.info/?l=ncurses-bug&m=176539968328570&w=2
https://marc.info/?l=ncurses-bug&m=176540731801330&w=2
https://marc.info/?l=ncurses-bug&m=176545557728083&w=2
https://invisible-island.net/archives/ncurses/6.5
https://invisible-island.net/ncurses
https://cert-portal.siemens.com/productcert/html/ssa-253495.html
https://github.com/advisories/GHSA-9952-mrqj-h4jh