Description
An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a large number of expressions in the ORDER BY clause.
Remediation
References
Related Vulnerabilities
Drupal Credentials Management Errors Vulnerability (CVE-2009-2374)
OpenSSL DEPRECATED: Code Vulnerability (CVE-2015-0290)
WordPress Plugin WooCommerce-Store Toolkit Privilege Escalation (1.5.6)
PHP Improper Resource Shutdown or Release Vulnerability (CVE-2026-7263)
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50092)