CVE-2025-12121 | Lite XL up to 2.1.8 core.lua system.exec os command injection

Inserito da Angelo Barbosa | Nov 11, 2025 | CVE

A vulnerability classified as critical has been found in Lite XL up to 2.1.8. Impacted is the function system.exec of the file core.lua. The manipulation leads to os command injection.

This vulnerability is documented as CVE-2025-12121. The attack can be initiated remotely. There is not any exploit available.

To fix this issue, it is recommended to deploy a patch.

CVE-2025-12121 | Lite XL up to 2.1.8 core.lua system.exec os command injection

Post correlati

CVE-2024-3057 | PureStorage FlashArray up to 6.6.5 privileges management

CVE-2024-4874 | Bricks Builder Plugin up to 1.9.8 on WordPress resource injection

CVE-2024-46910 | Apache Atlas up to 2.3.0 cross site scripting

CVE-2024-57212 | TOTOLINK A6000R 1.0.1-B20201211.2000 action_reboot opmode command injection