Every CVE whose affected-product data names Ankitects Anki, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-32484 — CVSS 7.4 (high): An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted…
CVE-2025-62185 — CVSS 6.7 (medium): In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed…
CVE-2025-62186 — CVSS 6.7 (medium): Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary commands when playing audio because of URL…
CVE-2025-43703 — CVSS 6.1 (medium): An issue was discovered in Ankitects Anki through 25.02. A crafted shared deck can result in attacker-controlled access to the internal API…
CVE-2024-32152 — CVSS 3.1 (low): A blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A specially crafted malicious flashcard can…
CVE-2025-62187 — CVSS 2.9 (low): In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux…