CVE-2025-13044
published 2026-04-07CVE-2025-13044: IBM Concert 1.0.0 through 2.2.0 creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.
medium6.2CVSS 3.1
AVLACLPRNUINSUCNIHAN
IBM Concert 1.0.0 through 2.2.0 creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | concert | 1.0.0 – 2.2.0 | — |