CNNVD-202510-879 Information

CNNVD ID

CNNVD-202510-879

Related CVE

CVE-2025-62187

• CNNVD Published: 2025-10-07

Description (Chinese)

Ankitects Anki是Ankitects个人开发者的一个开源程序通过使用闪存卡来帮助记忆信息。 Ankitects Anki 25.02.6之前版本存在安全漏洞，该漏洞源于特制声音文件引用可能导致文件写入任意位置。

Description (English)

Ankitects Anki is an open source program for Ankitects personal developers to help memory information by using flashcards. Ankitects Anki 25.02.6 has a security loophole, which arises from the citation of a specially designed sound file that could lead to the document being written into any location.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-07

Last Modified

2026-02-24

References

https://github.com/ankitects/anki/pull/4041 https://github.com/ankitects/anki/pull/4041/commits/51476e05b281737a0c2924342bccdb6e5be52ea9 https://github.com/ankitects/anki/releases/tag/25.02.6 https://access.redhat.com/security/cve/cve-2025-62187

Patch

https://apps.ankiweb.net/