CVE-2025-7961

Improper Control of Generation of Code ('Code Injection') vulnerability in Wulkano KAP on MacOS allows TCC Bypass.This issue affects KAP: 3.6.0.

CVSS

No CVSS.

References

Link	Resource
http://wulkano.com/
https://fluidattacks.com/advisories/cafrune
https://getkap.co/
https://github.com/wulkano/Kap

Configurations

No configuration.

History

18 Aug 2025, 20:16

Type	Values Removed	Values Added
Summary		(es) La vulnerabilidad de control inadecuado de generación de código ('inyección de código') en Wulkano KAP en MacOS permite la omisión de TCC. Este problema afecta a KAP: 3.6.0.

15 Aug 2025, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-15 17:15

Updated : 2025-08-18 20:16

NVD link : CVE-2025-7961

Mitre link : CVE-2025-7961

CVE.ORG link : CVE-2025-7961

JSON object : View

Products Affected

No product.

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2025-7961", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "help@fluidattacks.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-15T17:15:32.937", "references": [{"url": "http://wulkano.com/", "source": "help@fluidattacks.com"}, {"url": "https://fluidattacks.com/advisories/cafrune", "source": "help@fluidattacks.com"}, {"url": "https://getkap.co/", "source": "help@fluidattacks.com"}, {"url": "https://github.com/wulkano/Kap", "source": "help@fluidattacks.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "help@fluidattacks.com", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Wulkano KAP on MacOS allows TCC Bypass.This issue affects KAP: 3.6.0."}, {"lang": "es", "value": "La vulnerabilidad de control inadecuado de generaci\u00f3n de c\u00f3digo ('inyecci\u00f3n de c\u00f3digo') en Wulkano KAP en MacOS permite la omisi\u00f3n de TCC. Este problema afecta a KAP: 3.6.0."}], "lastModified": "2025-08-18T20:16:28.750", "sourceIdentifier": "help@fluidattacks.com"}

CVE-2025-7961

JSON object

Attach tags to CVE-2025-7961

Attach tags to `CVE-2025-7961`