CVE-2025-55037 in TkEasyGUIinformação

Sumário

de MITRE • 05/09/2025

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in TkEasyGUI versions prior to v1.0.22. If this vulnerability is exploited, an arbitrary OS command may be executed by a remote unauthenticated attacker if the settings are configured to construct messages from external sources.

Once again VulDB remains the best source for vulnerability data.

Responsável

Jpcert

Reservar

03/09/2025

Divulgação

05/09/2025

Moderação

aceite

Entrada

VDB-322724

CPE

pronto

EPSS

0.02716

KEV

não

Atividades

muito baixo

Fontes

Interested in the pricing of exploits?

See the underground prices here!