CNNVD-202512-2344 Information

CNNVD ID

CNNVD-202512-2344

Related CVE

CVE-2025-12843

• CNNVD Published: 2025-12-12

Description (Chinese)

Wave Terminal是Wave Terminal开源的一个企业协作系统。 Wave Terminal 0.12.2版本存在代码注入漏洞，该漏洞源于Electron Fuses代码注入，可能导致TCC绕过。

Description (English)

Wave Terminal is an open-source enterprise system for Wave Terminal. Version Wave Terminal 0.12.2 contains a code-injection loophole, which originates in the Electron Fuses code and may lead to TC circumvention.

Hazard Level

High

Vulnerability Type

代码注入

Affected Vendor

Weblizar

Published

2025-12-12

Last Modified

2026-02-24

References

https://fluidattacks.com/advisories/minutos https://github.com/wavetermdev/waveterm

Patch

https://github.com/wavetermdev/waveterm/releases