Home

Description

Uncontrolled search path element issue exists in TkEasyGUI versions prior to v1.0.22. If this vulnerability is exploited, arbitrary code may be executed with the privilege of running the program.

PUBLISHED Reserved 2025-09-03 | Published 2025-09-05 | Updated 2025-09-05 | Assigner jpcert




HIGH: 7.8CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

HIGH: 8.5CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

Uncontrolled Search Path Element

Product status

versions prior to v1.0.22
affected

References

github.com/kujirahand/tkeasygui-python/releases/tag/v1.0.22

jvn.jp/en/jp/JVN48739895/

cve.org (CVE-2025-55671)

nvd.nist.gov (CVE-2025-55671)

Download JSON