{
  "modified": "2025-09-02T15:55:25Z",
  "published": "2025-09-01T19:15:32Z",
  "id": "CVE-2025-9809",
  "details": "Out-of-bounds write in cdfs_open_cue_track in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATH_MAX_LENGTH that is copied using memcpy into a fixed-size buffer.",
  "references": [
    {
      "type": "REPORT",
      "url": "https://github.com/libretro/libretro-common/issues/222"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libretro/libretro-common/blob/master/formats/cdfs/cdfs.c#L471"
    }
  ]
}