{"id":"CVE-2025-9809","details":"Out-of-bounds write in cdfs_open_cue_track in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATH_MAX_LENGTH that is copied using memcpy into a fixed-size buffer.","modified":"2026-04-10T05:36:47.747246Z","published":"2025-09-01T19:15:32Z","references":[{"type":"REPORT","url":"https://github.com/libretro/libretro-common/issues/222"},{"type":"WEB","url":"https://github.com/libretro/libretro-common/blob/master/formats/cdfs/cdfs.c#L471"}],"schema_version":"1.7.5"}