CVE-2019-25689 — Code Execution

April 12, 2026 16:16 /HIGH

National Vulnerability Database vulnerabilitycvehigh-severitycode-executioncwe-787

CVE-2019-25689 — HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register di

Related ATT&CK Techniques

T1204.002 Malicious File Execution T1059.001 PowerShell Execution T1190 Exploit Public-Facing Application Initial Access

🛡️ Detection Rules

6 rules · 5 SIEM formats

6 auto-generated detection rules for this incident, mapped to MITRE ATT&CK. Available in Sigma, Splunk SPL, Sentinel KQL, Elastic Lucene, and QRadar AQL.

medium T1204.002 Execution

Suspicious File Download via Email

Sigma Splunk SPL Sentinel KQL Elastic QRadar AQL

Get this rule in your SIEM's native format — copy, paste, detect. No manual conversion.

6 Sigma rules mapped to the ATT&CK techniques from this breach — pick your SIEM and get a ready-to-paste query.

Get Detection Rules →

Indicators of Compromise

ID	Type	Indicator
CVE-2019-25689	Vulnerability	CVE-2019-25689

Source & Attribution

Source Platform	NVD
Channel	National Vulnerability Database
Published	April 12, 2026 at 16:16 UTC

This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.

Believe this infringes your rights? Submit a takedown request.

Related ATT&CK Techniques

🛡️ Detection Rules

Suspicious File Download via Email

Indicators of Compromise

Related Posts

Critical RCE Flaw Hits NuGet Gallery Backend

BoidCMS LFI to RCE: A Critical Template Flaw

Nanobot AI: WebSocket Hijack Puts WhatsApp Sessions at Risk