Lucene search
K

4 matches found

Cvelist
Cvelist
added 2025/11/20 4:39 p.m.7 views

CVE-2025-12121 CVE-2025-12121

Lite XL versions 2.1.8 and prior contain a vulnerability in the system.exec function, which allowed arbitrary command execution through unsanitized shell command construction. This function was used in project directory launching core.lua, drag-and-drop file handling rootview.lua, and the “open i...

0.00334EPSS
Exploits1References2
CVE
CVE
added 2025/11/20 4:39 p.m.13 views

CVE-2025-12121

Lite XL versions 2.1.8 and earlier are affected by CVE-2025-12121 due to an unsanitized system.exec usage in core.lua (project directory launching), rootview.lua (drag‑and‑drop handling), and treeview.lua (open in system). This allows arbitrary command execution with the Lite XL process privilege...

7.3CVSS7.5AI score0.00334EPSS
Exploits1References2Affected Software1
AlpineLinux
AlpineLinux
added 2025/11/20 4:39 p.m.2 views

CVE-2025-12121

Lite XL versions 2.1.8 and prior contain a vulnerability in the system.exec function, which allowed arbitrary command execution through unsanitized shell command construction. This function was used in project directory launching core.lua, drag-and-drop file handling rootview.lua, and the “open i...

7.3CVSS7.8AI score0.00334EPSS
Exploits1
CERT
CERT
added 2025/11/11 12:0 a.m.7 views

Lite XL Arbitrary Code Execution via Project Module and Legacy system.exec Function

Overview Lite XL is a lightweight text editor derived from the lite project, written primarily in Lua and C. It supports Windows, Linux, and macOS, and is designed for extensibility through plugins and project‑specific modules. Description Two vulnerabilities were identified Lite XL: CVE-2025-121...

7.3CVSS8.2AI score0.00334EPSS
Exploits2References4
Rows per page
Query Builder