CVE-2025-7700
Published: 07 November 2025
Summary
CVE-2025-7700 is a medium-severity NULL Pointer Dereference (CWE-476) vulnerability. Its CVSS base score is 5.3 (Medium).
Operationally, ranked at the 28.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-38295
Vulnerability details
A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the application to crash when processing certain malformed audio files. While it does not lead to data theft…
more
or system control, it can be used to disrupt services and cause a denial of service.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.