LOW🇵🇱 Wersja polska

CVE-2025-62187

CVSS 2.9v3.1pub. 2025-10-07upd. 2025-10-10

In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux (media file pathnames are not necessarily relative to the media folder).

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
  • Ankitects Anki

    APP
    Ankitects
    < 25.02.6
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-32484HIGH7.4ten sam produkt

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 2...

CVE-2025-62185MEDIUM6.7ten sam produkt

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media...

CVE-2025-62186MEDIUM6.7ten sam produkt

Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary commands when playi...

CVE-2025-43703MEDIUM6.1ten sam produkt

An issue was discovered in Ankitects Anki through 25.02. A crafted shared deck can result in attacker-controll...

CVE-2024-32152LOW3.1ten sam produkt

A blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A specially crafte...