CVE-2025-62186

Medium CVSS: 6.7

Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary commands when playing audio because of URL scheme mishandling.

Vendor

Ankitects

Product

Anki

CWE

CWE-829

Yayın Tarihi

2025-10-07 21:15:38

Güncelleme

2025-10-10 16:20:53

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-829 Anki MEDIUM Ankitects 2025

Referanslar

https://github.com/ankitects/anki/releases/tag/25.02.5

Benzer Kayıtlar

Low

CVE-2025-62187

In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations o…

Medium

CVE-2025-62185

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, a…

Medium

CVE-2025-43703

An issue was discovered in Ankitects Anki through 25.02. A crafted shared deck can result in attacker-controlled access…