cve 2025 6269

CVE-2025-6269 is a critical heap-based buffer overflow vulnerability in the HDF5 library, specifically in the cache reconstruction routine H5C__reconstruct_cache_entry within H5Cimage.c. It affects HDF5 releases up to and including 1.14.6. The flaw can be triggered by local manipulation of crafted HDF5 data, leading to reliable process crashes and potential memory corruption on unpatched systems. This vulnerability was disclosed in mid-June 2025 and poses a risk to systems using HDF5 for data storage and analysis. Users are advised to apply patches or updates from the HDF Group to mitigate the issue.