{"id":"CVE-2025-5899","details":"A vulnerability classified as critical was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected by this vulnerability is the function parse_variables_option of the file utilities/pspp-convert.c. The manipulation leads to free of memory not on the heap. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.","modified":"2026-04-10T05:31:41.122490Z","published":"2025-06-09T22:15:22Z","references":[{"type":"WEB","url":"https://drive.google.com/file/d/1YPJLiBzOwVTcc2FzdawYxBJWGujwqy7o/view?usp=sharing"},{"type":"WEB","url":"https://savannah.gnu.org/bugs/index.php?67072"},{"type":"WEB","url":"https://vuldb.com/?ctiid.311671"},{"type":"WEB","url":"https://vuldb.com/?id.311671"},{"type":"WEB","url":"https://vuldb.com/?submit.586106"},{"type":"WEB","url":"https://www.gnu.org/"}],"schema_version":"1.7.5"}