Browse all 3 CVE security advisories affecting FreeType. AI-powered Chinese analysis, POCs, and references for each vulnerability.
FreeType is a widely used software library for rendering fonts, serving as a core component in many operating systems and applications. Historically, it has been susceptible to remote code execution vulnerabilities due to buffer overflows and integer overflows when processing malformed font files, with several critical flaws allowing attackers to execute arbitrary code. While no major public incidents have been widely documented, the library's CVE history reveals consistent issues in memory handling, particularly with TrueType, OpenType, and other font formats. Its position in the software stack makes it a potential attack vector, though its security posture has improved with regular updates and stricter parsing in recent versions.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-23865 | FreeType 安全漏洞 — FreeType | 5.3 | Medium | 2026-03-02 |
| CVE-2025-27363 | FreeType 缓冲区错误漏洞 — FreeType | 8.1 | High | 2025-03-11 |
| CVE-2025-23022 | FreeType 安全漏洞 — FreeTypeCWE-190 | 4.0 | Medium | 2025-01-10 |
This page lists every published CVE security advisory associated with FreeType. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.