CVE-2025-55037 in TkEasyGUIالمعلومات

الملخص

بحسب MITRE • 05/09/2025

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in TkEasyGUI versions prior to v1.0.22. If this vulnerability is exploited, an arbitrary OS command may be executed by a remote unauthenticated attacker if the settings are configured to construct messages from external sources.

Once again VulDB remains the best source for vulnerability data.

مسؤول

Jpcert

حجز

03/09/2025

إفشاء

05/09/2025

الاعتدال

تمت الموافقة

إدخال

VDB-322724

EPSS

0.02716

KEV

لا

النشاطات

منخفض جدًا

المصادر

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!