CVE-2025-62187 LOW

CVE-2025-62187

Vendor Ankitects

Product Anki

Weakness CWE-23

Published October 7, 2025

Last update October 8, 2025

View on NVD All CVEs

CVSS base score

2.9/10

Attack vector Local

Attack complexity High

Privileges required None

User interaction None

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux (media file pathnames are not necessarily relative to the media folder).

Key dates

02Disclosure timeline

October 7, 2025 CVE published

October 8, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-62187

Related vulnerabilities

CVE-2025-62187

01Description

02Disclosure timeline

03References

04Related CVE