CVE Tools

sqlite

Databasesoss-project

26

Cumulative CVEs

10

Monthly snapshots

#43

Peak rank

Top products

sqlite2 sqldiff1

Latest CVEs

The 15 most recently published vulnerabilities affecting sqlite.

CVE-2026-11824SQLite before 3.53.2 Heap Buffer Overflow via FTS5 fts5ChunkIterate7.8Jun 9, 2026
CVE-2026-11822SQLite before 3.53.2 Memory Corruption in FTS5 Extension7.8Jun 9, 2026
CVE-2025-71316SQLite sqldiff remote code execution via argument injection9.8Jun 4, 2026
CVE-2025-70873An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.7.5Mar 12, 2026
CVE-2025-7709Out Of Bounds write in FTS5 Extension in SQLite6.5Sep 8, 2025
CVE-2025-7458SQLite integer overflow in key info allocation may lead to information disclosure.9.1Jul 29, 2025
CVE-2025-6965Integer Truncation on SQLite9.8Jul 15, 2025
CVE-2025-3277An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the bu...9.8Apr 14, 2025
CVE-2025-29088In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64...5.6Apr 10, 2025
CVE-2025-29087In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-control...3.2Apr 7, 2025
CVE-2024-0232Sqlite: use-after-free bug in jsonparseaddnodearray4.7Jan 16, 2024
CVE-2023-7104SQLite SQLite3 make alltest sqlite3session.c sessionReadRecord heap-based overflow5.5Dec 25, 2023
CVE-2021-31239An issue found in SQLite SQLite3 v.3.35.4 that allows a remote attacker to cause a denial of service via the appendvfs.c function.7.5May 9, 2023
CVE-2022-46908SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions ...7.3Dec 12, 2022
CVE-2020-35527In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.9.8Sep 1, 2022