CVE-2025-5031: 
vulnerability analysis and mitigation

A vulnerability has been identified in Ackites KillWxapkg versions up to 2.4.1 affecting the wxapkg File Decompression Handler component. The vulnerability was disclosed on May 21, 2025, and has been rated as problematic with a low severity. The issue involves improper resource consumption handling during file decompression, which can lead to denial of service conditions (NVD, Wiz).

The vulnerability stems from insufficient validation of internal file size metadata in the wxapkg file format. When processing a specially crafted wxapkg (WeChat Mini Program package) file, the application fails to properly control resource allocation and maintenance, leading to CWE-400 (Uncontrolled Resource Consumption) and CWE-404 (Improper Resource Shutdown or Release) vulnerabilities. The vulnerability has received a CVSS 3.1 base score of 3.1 (LOW) with the vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L (NVD, VulDB).

The exploitation of this vulnerability can result in denial of service conditions through excessive resource consumption. Specifically, processing a malicious wxapkg file can lead to unusually high disk space usage and excessive memory consumption, similar to a zip bomb attack (GitHub).

Recommended mitigations include enforcing strict limits on the number of unpacked files and setting a maximum directory or nesting depth during unpacking. Users should upgrade to a version newer than 2.4.1 when available (GitHub).