CVE-2025-55671_CVE-2025-55671

8.5 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Uncontrolled search path element issue exists in TkEasyGUI versions prior to v1.0.22. If this vulnerability is exploited, arbitrary code may be executed with the privilege of running the program.

Basic Information

ID CVE-2025-55671

Source jpcert

Published Sep 5, 2025 at 05:24

Affected Product

Vendor kujirahand

Product TkEasyGUI

Version versions prior to v1.0.22

Affected Versions kujirahand TkEasyGUI versions prior to v1.0.22

CWE Classification

CWE-427

References

{
    "lastseen": "",
    "description": "Uncontrolled search path element issue exists in TkEasyGUI versions prior to v1.0.22. If this vulnerability is exploited, arbitrary code may be executed with the privilege of running the program.",
    "published": "2025-09-05T05:24:45.422Z",
    "modified": "2025-09-05T05:24:45.422Z",
    "type": "cve",
    "title": "CVE-2025-55671",
    "source": "jpcert",
    "references": "https://github.com/kujirahand/tkeasygui-python/releases/tag/v1.0.22\nhttps://jvn.jp/en/jp/JVN48739895/",
    "id": "CVE-2025-55671",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427"
    ],
    "cvelist": null,
    "sourceData": "kujirahand TkEasyGUI versions prior to v1.0.22",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "TkEasyGUI",
    "version": "versions prior to v1.0.22",
    "vendor": "kujirahand",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}