All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2025-7018
MEDIUMpublished 2026-06-12 22:16 UTC · 12 days ago · modified 2026-06-15 20:49 UTC
5.5
CVSS / 10
// description
Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.64.
// cvss 3.1 vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
// weaknesses (CWE)
- CWE-476