CVE-2025-62186

Sažetak

Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary commands when playing audio because of URL scheme mishandling.

Reference

CVSS

Base:	6.7
Impact:	5.2
Exploitability:	1.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	NONE

CVSS vektor

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Zadnje važnije ažuriranje

10-10-2025 - 16:20

Objavljeno

07-10-2025 - 21:15