CVE-2025-7006
MEDIUMDescription
Use of stack memory after free vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds before VPS 25022500. The affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream.
Is your site exposed to CVE-2025-7006?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2025-7006? +
How severe is CVE-2025-7006? +
How do I check if I'm vulnerable to CVE-2025-7006? +
Related Vulnerabilities
A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to …
Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
SAP MDM Server Read function allows an attacker to send specially crafted packets which could trigger a memory read access …
SAP MDM Server ReadString function allows an attacker to send specially crafted packets which could trigger a memory read access …
Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not …
SAP MDM Server allows an attacker to gain control of existing client sessions and execute certain functions without having to …