Arbitrary File Write Vulnerability in Ankitects Anki Application
CVE-2025-62187
2.9LOW
What is CVE-2025-62187?
A vulnerability exists in Ankitects Anki prior to version 25.02.6, where crafted sound file references can lead to arbitrary file writing on both Windows and Linux platforms. This occurs because the media file pathnames are not constrained to the media folder, potentially allowing unauthorized access or modification of files in various locations on the system.
Affected Version(s)
Anki 0 < 25.02.6
