CVE-2025-20260 PoC — ClamAV 安全漏洞

Source

https://github.com/keyuraghao/CVE-2025-20260

Associated Vulnerability

Title:ClamAV 安全漏洞 (CVE-2025-20260)
Description:ClamAV（Clam AntiVirus）是ClamAV团队的一套免费且开源的杀毒软件。该软件用于检测木马、病毒、恶意软件和其他恶意威胁。 ClamAV存在安全漏洞，该漏洞源于PDF文件处理期间内存缓冲区分配不当，可能导致缓冲区溢出。

Readme

# CVE-2025-20260 EXPLOIT

## This repository contains both the python script to generate the malicious pdf file and a core dump analysis.

File Snapshot


 [4.0K]  /data/pocs/017ea82a939b82e24dfd84899c6d02076e6fcfd3
├── [ 980]  clamshank.py
├── [403K]  HOS Core dump analysis for CVE-2025-20260.pdf
├── [1.0K]  LICENSE
└── [ 138]  README.md

1 directory, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!