cbcvebase.
CVE-2025-62187
published 2025-10-07

CVE-2025-62187: In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux (media file…

PriorityP415low3.3CVSS 3.1
AVLACLPRLUINSUCNILAN
EPSS
0.16%
5.6th percentile
In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux (media file pathnames are not necessarily relative to the media folder).

Affected

1 ranges
VendorProductVersion rangeFixed in
ankitectsanki< 25.02.625.02.6

CVSS provenance

nvdv3.13.3LOWCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
ghsa6.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.