Buffer overflow in Nsauditor Spotauditor

CVE-2019-25666

SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trig…

Vulnerability class: Buffer Overflow

EPSS: 0.000 (0.4th percentile).

CVSS v3 metric

CVSS v3 base score 6.2 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Frequently asked questions

What is CVE-2019-25666?
CVE-2019-25666 is a medium-severity vulnerability in Nsauditor Spotauditor, classified under Out-of-bounds Write. CVSS score: 6.2/10. Published 2026-04-05.

How severe is CVE-2019-25666?
Medium severity. CVSS v3 base score is 6.2 out of 10.