aikido.dev Secure My Code

Intel/AIKIDO-2025-10382

AIKIDO-2025-10382

spdlog is vulnerable to Uncontrolled Resource Consumption

Uncontrolled Resource ConsumptionCVE-2025-6140 Published Jun 17, 2025

48

Medium Risk

This Affects:

c++

spdlog

1.5.0 - 1.15.1

Fixed in 1.15.2

Are you affected? Scan for Free

TL;DR

A vulnerability classified as problematic was identified in spdlog. The issue affects the scoped_padder function in include/spdlog/pattern_formatter-inl.h, leading to resource consumption. An attacker could exploit this vulnerability locally. The exploit has been publicly disclosed and may be in active use.

Who does this affect?

You are affected if you are using a version that falls within the vulnerable range.

Background info

spdlog is vulnerable to Uncontrolled Resource Consumption in versions 1.5.0 - 1.15.1.

How to fix this

Upgrade the spdlog library to the patch version.

48

Medium Risk

This Affects:

c++

spdlog

1.5.0 - 1.15.1

Fixed in 1.15.2

Are you affected? Scan for Free

Links

GitHub Release

github.com/gabime/spdlog/releases/tag/v1.15.2

Fix Commit

github.com/gabime/spdlog/commit/10320184df1eb4638e253a34b1eb44ce78954094

Related Issues

github.com/gabime/spdlog/issues/3360

github.com/gabime/spdlog/issues/3360#issuecomment-2729579422

Other

vuldb.com/?ctiid.312609

vuldb.com/?id.312609

vuldb.com/?submit.592999

Are You Affected?

Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.

Free. No credit card required.

Aikido Platform

Company

Resources

Industries

Use Cases

Compare

Legal

Connect

hello@aikido.dev

Security

Subscribe

Stay up to date with all updates

LinkedIn YouTube X

© 2026 Aikido Security BV | BE0792914919

Keizer Karelstraat 15, 9000, Ghent, Belgium

95 Third St, 2nd Fl, San Francisco, CA 94103, US

Unit 6.15 Runway East 18 18 Crucifix Ln, London SE1 3JW UK

Ghent, Belgium | San Francisco, US

SOC 2

ISO 27001

ISO 27001Compliant

Get Security Done