CVE-2025-15523 TCC Bypass via Inherited Permissions in Bundled Interpreter in Inkscape.app

MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...

LibreOffice < 25.2.4 Authentication Bypass (CVE-2025-14714)

The version of LibreOffice installed on the remote host is prior to 25.2.4. It is, therefore, affected by a authentication bypass vulnerability: - An authentication bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Contro...

CVE-2025-14714

An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...

PT-2025-51211

An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...