sqlite3 (SUSE:Linux Enterprise Server 15 SP5-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 15 SP5-LTSS package sqlite3, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2025-3277 — CVSS 9.8 (critical): An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a…
CVE-2026-11822 — CVSS 7.8 (high): SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause…
CVE-2026-11824 — CVSS 7.8 (high): SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to…
CVE-2025-6965 — CVSS 7.7 (high): There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns…
CVE-2025-29088 — CVSS 5.6 (medium): In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service…
CVE-2025-29087 — CVSS 3.2 (low): In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a…