CVE-2025-67230 | THREATINT

Description

Improper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows attackers with renderer-context access to invoke external protocol handlers without sufficient validation.

PUBLISHED Reserved 2025-12-08 | Published 2026-01-23 | Updated 2026-01-23 | Assigner mitre

References

www.todesktop.com/changelog

www.todesktop.com/security/advisories/TDSA-2025-002

cve.org (CVE-2025-67230)

nvd.nist.gov (CVE-2025-67230)

Download JSON