CVE-2025-22136 | Eugeny tabby up to 1.0.216 Electron Fuse code injection (GHSA-prcj-7rvc-26h4)

Posted by Angelo Barbosa | Jan 8, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Eugeny tabby up to 1.0.216. Affected by this issue is the function RunAsNode/EnableNodeCliInspectArguments/EnableNodeOptionsEnvironmentVariable of the component Electron Fuse Handler. The manipulation leads to code injection.

This vulnerability is handled as CVE-2025-22136. The attack needs to be approached locally. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-22136 | Eugeny tabby up to 1.0.216 Electron Fuse code injection (GHSA-prcj-7rvc-26h4)

Related Posts

CVE-2024-38480 | Kakao Piccoma Piccoma App prior 6.20.0 on Android/ API Key hard-coded credentials

CVE-2024-35495 | TP-Link Kasa KP125M/Tapo P125M 1.0.0 Telemetry information disclosure

CVE-2024-3691 | PHPGurukul Small CRM 3.0 Registration Page sql injection

CVE-2024-25981 | Moodle prior 4.3.3/4.1.9 Forum Export access control