CVE-2025-47758 CVSS:7.8

V-SFT versions contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_name function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

CVE-2025-47754 CVSS:7.8

FUJI ELECTRIC V-SFT could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in VS6EditData!Conv_Macro_Data function. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2025-47749 CVSS:7.8

FUJI ELECTRIC V-SFT could allow a remote attacker to execute arbitrary code on the system, caused by an free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2025-47753 CVSS:7.8

FUJI ELECTRIC V-SFT could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in XXX. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2025-47750 CVSS:7.8

FUJI ELECTRIC V-SFT could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in VS6MemInIF!set_temp_type_default function. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.