vulnerability
FreeBSD: VID-e60e538f-e795-4a00-b475-cc85a7546e00 (CVE-2025-1244): Emacs -- Arbitrary code execution vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Feb 24, 2025 | Feb 25, 2025 | Dec 10, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Feb 24, 2025
Added
Feb 25, 2025
Modified
Dec 10, 2025
Description
Problem Description A shell injection vulnerability exists in GNU Emacs due to improper handling of custom man URI schemes. Impact Initially considered low severity, as it required user interaction with local files, it was later discovered that an attacker could exploit this vulnerability by tricking a user into visiting a specially crafted website or an HTTP URL with a redirect, leading to arbitrary shell command execution without further user action.
Solutions
freebsd-upgrade-package-emacsfreebsd-upgrade-package-emacs-cannafreebsd-upgrade-package-emacs-noxfreebsd-upgrade-package-emacs-waylandfreebsd-upgrade-package-emacs-develfreebsd-upgrade-package-emacs-devel-nox
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.