CVE-2025-26525

CVSS v3.1

8.6

High

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions TeX Live (affected versions not specified)

Description The issue is related to insufficient sanitizing in the TeX notation filter, which poses an arbitrary file read risk on sites where pdfTeX is available. This typically affects systems with TeX Live installed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Files Accessible to External Parties

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-552

Related Identifiers

ALT-PU-2025-6924

ALT-PU-2025-7344

BDU:2025-02323

BIT-MOODLE-2025-26525

CVE-2025-26525

GHSA-4HMR-39VP-XFRR

Affected Products

Alt Linux

Red Os

Tex Live

CVE-2025-26525

Weakness Enumeration

Related Identifiers

Affected Products

References · 21