CNNVD-202510-881 Information

CNNVD ID

CNNVD-202510-881

Related CVE

CVE-2025-62185

• CNNVD Published: 2025-10-07

Description (Chinese)

Ankitects Anki是Ankitects个人开发者的一个开源程序通过使用闪存卡来帮助记忆信息。 Ankitects Anki 25.02.5之前版本存在代码问题漏洞，该漏洞源于特制共享牌组可在媒体文件夹中放置YouTube下载器可执行文件，可能导致执行任意代码。

Description (English)

Ankitects Anki is an open source program for Ankitects personal developers to help memory information by using flashcards. Ankitects Anki 25.02.5 has a code problem loophole, which stems from the fact that a custom shared cardboard can place YouTube downloaders in media folders, which may lead to the execution of any code.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

个人开发者

Published

2025-10-07

Last Modified

2026-02-24

References

https://github.com/ankitects/anki/commit/5080451829505842b16d4a50f398ad44560a3e48 https://github.com/ankitects/anki/commit/6213c9b6f99ebda181004f8915b92fe3618b939 https://github.com/ankitects/anki/compare/25.02.4…25.02.5 https://access.redhat.com/security/cve/cve-2025-62185

Patch

https://apps.ankiweb.net/