Emacs · Emacs · CVE-2025-1244
Name of the Vulnerable Software and Affected Versions:
Emacs (affected versions not specified)
Description:
A command injection flaw was found in the Emacs text editor, allowing a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. This can be achieved by tricking users into visiting a specially crafted website or an HTTP URL with a redirect. The flaw is related to improper handling of custom "man" URI schemes.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.