CVE-2025-55671
TkEasyGUI Affected by Uncontrolled Search Path Element Issue
7.8
HIGH
CVSS 3.1
EPSS 0.03%
Description
Uncontrolled search path element issue exists in TkEasyGUI versions prior to v1.0.22. If this vulnerability is exploited, arbitrary code may be executed with the privilege of running the program.
How to fix CVE-2025-55671
To remediate CVE-2025-55671, upgrade the affected package to a fixed version below.
- PyPI/tkeasygui—upgrade to 1.0.22 or later
Is CVE-2025-55671 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.0.22
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |