CNNVD-202511-719 Information

CNNVD ID

CNNVD-202511-719

Related CVE

CVE-2025-64180

• CNNVD Published: 2025-11-07

Description (Chinese)

Manager-io是Manager.io开源的一个会计软件。适用于Windows、Mac和Linux。 Manager-io 25.11.1.3085及之前版本存在代码问题漏洞，该漏洞源于DNS验证机制存在TOCTOU条件，可能导致绕过网络隔离并访问内部服务。

Description (English)

Manager-io is an open-source accounting software for Manager.io. For Windows, Mac and Linux. Manager-io 25.11.3085 and previous versions had a code gap, which stemmed from the DNS Certification Mechanism ’ s TOCTOU condition, which could lead to network isolation and access to internal services.

Hazard Level

Low

Vulnerability Type

代码问题

Affected Vendor

Manager.io

Published

2025-11-07

Last Modified

2026-02-24

References

https://github.com/Manager-io/Manager/security/advisories/GHSA-j2xj-xhph-p74j https://access.redhat.com/security/cve/cve-2025-64180

Patch

https://github.com/Manager-io/Manager/releases