CVE-2025-15534

5.3 MEDIUM

📋 TL;DR

An integer overflow vulnerability in raylib's LoadFontData function allows local attackers to cause denial of service or potentially execute arbitrary code. This affects raylib users who load font data from untrusted sources. The vulnerability requires local access to exploit.

💻 Affected Systems

Products:
  • raysan5 raylib
Versions: All versions up to commit 909f040
Operating Systems: All platforms supported by raylib
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability triggers when loading font data, typically from font files

⚠️ Risk & Real-World Impact

🔴 Worst Case

Local privilege escalation leading to arbitrary code execution with the privileges of the raylib process

🟠 Likely Case

Application crash or denial of service when processing malicious font files

🟢 If Mitigated

Limited impact due to local-only exploitation requirement and proper input validation

🌐 Internet-Facing: LOW - Attack requires local access, cannot be exploited remotely
🏢 Internal Only: MEDIUM - Local attackers could exploit this if they can supply malicious font files

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires local access and ability to supply malicious font data to the application

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Commit 5a3391fdce046bc5473e52afbd835dd2dc127146 and later

Vendor Advisory: https://github.com/raysan5/raylib/issues/5436

Restart Required: Yes

Instructions:

  • Update raylib to commit 5a3391fdce046bc5473e52afbd835dd2dc127146 or later
  • Rebuild applications using the patched raylib library
  • Restart affected applications

🔧 Temporary Workarounds

Restrict font file sources (all platforms)

Only load font files from trusted sources and validate font files before processing

Disable font loading from untrusted sources (all platforms)

Modify the application to avoid loading fonts from user-controlled or untrusted locations

🧯 If You Can't Patch

  • Implement strict input validation for font files before passing to LoadFontData
  • Run raylib applications with minimal privileges to limit potential damage

🔍 How to Verify

Check if Vulnerable:

Check the raylib version or commit hash: a build earlier than commit 5a3391fdce046bc5473e52afbd835dd2dc127146 is vulnerable

Check Version:

Check raylib source code or build information for commit hash

Verify Fix Applied:

Verify raylib is at commit 5a3391fdce046bc5473e52afbd835dd2dc127146 or later
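
One way to make the "commit or later" check precise for a raylib git checkout or submodule, as an added example that is not part of the original advisory or the raylib project. The function name `check_raylib_fix` is hypothetical; the check tests git ancestry rather than commit dates, and reports "unknown" when a shallow clone does not contain the fix commit.

```shell
# Added example: classify a raylib git checkout against the fix commit above.
FIX_COMMIT="5a3391fdce046bc5473e52afbd835dd2dc127146"

# check_raylib_fix <repo-dir> [fix-commit]   (hypothetical helper name)
# Returns 0 = fix included, 1 = fix missing, 2 = cannot tell.
check_raylib_fix() {
    local repo fix head rc
    repo="$1"
    fix="${2:-$FIX_COMMIT}"
    rc=0

    if ! git -C "$repo" rev-parse --git-dir >/dev/null 2>&1; then
        echo "unknown: $repo is not a git checkout (vendored copy or tarball?)"
        return 2
    fi
    # A shallow or partial clone may lack the fix commit object entirely;
    # "not found" must not be read as either "patched" or "vulnerable".
    if ! git -C "$repo" cat-file -e "${fix}^{commit}" 2>/dev/null; then
        echo "unknown: commit $fix not present; fetch full history and retry"
        return 2
    fi
    head=$(git -C "$repo" rev-parse --short HEAD 2>/dev/null) || head="(no HEAD)"

    # Exit 0: fix is an ancestor of HEAD. Exit 1: it is not. Other: git error.
    git -C "$repo" merge-base --is-ancestor "$fix" HEAD 2>/dev/null || rc=$?
    case "$rc" in
        0) echo "patched: HEAD $head contains $fix"; return 0 ;;
        1) echo "vulnerable: HEAD $head does not contain $fix"; return 1 ;;
        *) echo "unknown: git could not compare HEAD with $fix"; return 2 ;;
    esac
}
```

Call it as `check_raylib_fix path/to/raylib` from a build or CI step; a result of 2 means the checkout has to be inspected another way, for example by fetching full history first.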

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when loading font files
  • Memory access violations in rtext.c functions

Network Indicators:

  • None - local-only vulnerability

SIEM Query:

Process crashes with raylib or related to font loading operations
