CVE-2025-5471

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Yandex Telemost versions prior to 2.19.1

Description An uncontrolled search path element issue exists in Yandex Telemost on MacOS, enabling search order hijacking. This allows an attacker to potentially manipulate the system's search path to load malicious code.

Recommendations Update Yandex Telemost to version 2.19.1 or later.

Fix

Untrusted Search Path

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-426CWE-427

Related Identifiers

BDU:2025-08835

CVE-2025-5471

Affected Products

Yandex Telemost

CVE-2025-5471

Weakness Enumeration

Related Identifiers

Affected Products

References · 6