What is CVE-2025-6965?

CVE-2025-6965 is a vulnerability in Sqlite, classified under CWE-197. Published 2025-07-15.

Is CVE-2025-6965 known to be exploited?

8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Sqlite

CVE-2025-6965

There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.

EPSS: 0.649 (99.1th percentile) — read the EPSS interpretation.

Affected products

Sqlite — versions 0

Weakness classification (CWE)

CWE-197

Public proof-of-concept exploits

0xfarben/ortho-secure
ARPSyndicate/cve-scores
KUNDAN-KUMAR04/cyber
TalEliyahu/AI-Security-Newsletter
XXRadeonXFX/flask-vuln-app
duykhiem/SQLite3MultipleCiphersForUWP
ere6u5/-containerization-security-assessment-
runwhen-contrib/helm-charts

References

www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c…

Frequently asked questions

What is CVE-2025-6965?: CVE-2025-6965 is a vulnerability in Sqlite, classified under CWE-197. Published 2025-07-15.
Is CVE-2025-6965 known to be exploited?: 8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.