PT-2025-32540 · Gimp · Gimp
Karol Mazurek
·
Published
2025-08-11
·
Updated
2025-09-12
·
CVE-2025-8672
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
GIMP versions prior to 3.1.4.2
Description:
The macOS build of GIMP ships a Python interpreter inside the application bundle. Because it runs as part of the GIMP bundle, it inherits the Transparency, Consent, and Control (TCC) permissions the user has already granted to GIMP. An attacker with local access can invoke this interpreter directly to execute arbitrary commands or scripts, and so read user files in privacy-protected folders that GIMP has already been granted access to, without any new TCC prompt. Requests for resources beyond the existing grants cause macOS to prompt the user in GIMP's name, which conceals the malicious intent behind a trusted application.
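Detection logic for the pattern the description outlines, as an added example that is not part of the advisory or of GIMP's own code: a scripting interpreter that lives inside a TCC-entitled app bundle is launched by a process outside that bundle (a shell, a dropper), so the script runs with the bundle's grants. The events, the bundle path and the interpreter location below are constructed for illustration; they are not paths or telemetry taken from the advisory, and the field names are a hypothetical EDR/Endpoint Security event shape rather than any vendor's schema.

```python
"""
Added example (not the advisory's or GIMP's own code).

Flags process-exec events where a generic interpreter located inside an
/Applications/*.app bundle is started by a parent that is NOT inside the same
bundle. The app driving its own bundled interpreter (plug-ins) is expected;
a shell or unrelated binary doing so is the TCC-inheritance abuse pattern.
"""
from dataclasses import dataclass
import re

# Interpreters worth watching when they ship inside an app bundle.
INTERPRETERS = re.compile(r"(^|/)(python[0-9.]*|perl|ruby|sh|bash|zsh|osascript)$")

# Hypothetical bundle layout assumption: /Applications/<Name>.app/Contents/...
BUNDLE_RE = re.compile(r"^(/Applications/[^/]+\.app)/Contents/")


@dataclass(frozen=True)
class ExecEvent:
    pid: int
    path: str          # executable image of the new process
    parent_path: str   # executable image of the parent process
    args: tuple        # argv of the new process


def bundle_of(path):
    """Return the .app bundle root containing `path`, or None if not bundled."""
    m = BUNDLE_RE.match(path)
    return m.group(1) if m else None


def is_bundled_interpreter(path):
    return bundle_of(path) is not None and INTERPRETERS.search(path) is not None


def suspicious(ev):
    """Return a reason string if `ev` matches the abuse pattern, else None."""
    bundle = bundle_of(ev.path)
    if not is_bundled_interpreter(ev.path):
        return None
    # Parent inside the same bundle: the app running its own plug-in interpreter.
    if bundle_of(ev.parent_path) == bundle:
        return None
    detail = ""
    if "-c" in ev.args or "-e" in ev.args:
        detail = " with inline code"
    return f"{ev.path} started by {ev.parent_path} outside {bundle}{detail}"


def scan(events):
    """Run `suspicious` over a list of events and return the non-empty reasons."""
    return [r for r in (suspicious(e) for e in events) if r]


# Constructed sample telemetry (assumed paths, not from the advisory).
APP = "/Applications/GIMP.app"
BUNDLED_PY = APP + "/Contents/Resources/bin/python3"   # hypothetical location
SAMPLE_EVENTS = [
    # Expected: GIMP launching its own bundled interpreter for a plug-in.
    ExecEvent(101, BUNDLED_PY, APP + "/Contents/MacOS/gimp",
              (BUNDLED_PY, APP + "/Contents/Resources/plug-ins/foo.py")),
    # Abuse pattern: a user shell drives the bundled interpreter with inline code.
    ExecEvent(202, BUNDLED_PY, "/bin/zsh",
              (BUNDLED_PY, "-c", "import os; print(os.listdir(os.path.expanduser('~/Desktop')))")),
    # Unrelated: the system interpreter, not inside any bundle.
    ExecEvent(303, "/usr/bin/python3", "/bin/zsh", ("/usr/bin/python3", "-c", "1")),
]

if __name__ == "__main__":
    for reason in scan(SAMPLE_EVENTS):
        print("ALERT:", reason)
```

The rule keys on the parent relationship rather than on the file being read, because the whole point of the issue is that the read itself produces no prompt and therefore no TCC log entry; the only observable anomaly is who launched the bundle's interpreter. Tune `INTERPRETERS` and `BUNDLE_RE` to the bundles and helper locations actually present in your fleet.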
Recommendations:
Update to GIMP version 3.1.4.2 or later.
Fix
LPE
Weakness Enumeration
Incorrect Default Permissions (CWE-276)
Related Identifiers
CVE-2025-8672
Affected Products
Gimp