Skip to main content

Anki CVE-2026-58266

| EUVDEUVD-2026-42113 MEDIUM
Origin Validation Error (CWE-346)
2026-07-07 GitHub_M
6.5
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
vuln.today AI
6.5 MEDIUM

AV:N because malicious deck is fetched/shared over network and exfiltrates remotely; UI:R because user must import the deck; C:H for arbitrary file read; no integrity or availability impact.

3.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Patch available
Jul 07, 2026 - 23:01 EUVD
Analysis Generated
Jul 07, 2026 - 22:11 vuln.today

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 1 pypi packages depend on aqt (1 direct, 0 indirect)

Ecosystem-wide dependent count for version 25.9.4.

DescriptionCVE.org

Anki is a program for creating and reviewing flashcards. Prior to 25.09.4, Anki's webview-based pages communicate with the Rust backend using an internal localhost API, and user scripts included via iframes in the editor can access this API despite protections intended to block reviewer and editor scripts. A malicious imported card package with an embedded iframe can use exposed API methods such as getImageForOcclusion to read arbitrary files accessible to the Anki process and exfiltrate them over the network. This issue is fixed in version 25.09.4.

AnalysisAI

Arbitrary file read and exfiltration in Anki prior to 25.09.4 allows a remote attacker to access sensitive files on a victim's system by distributing a maliciously crafted card package (.apkg). The root cause is an origin validation failure (CWE-346) in Anki's internal localhost API, which fails to block iframe-embedded scripts from accessing privileged backend methods such as getImageForOcclusion. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious .apkg with iframe payload
Delivery
Distribute deck via community site or phishing
Exploit
Victim imports deck into Anki
Execution
Iframe bypasses origin validation on localhost API
Persist
Call getImageForOcclusion or similar API to read local files
Impact
Exfiltrate file contents to attacker server

Vulnerability AssessmentAI

Exploitation The victim must actively import a malicious Anki card package (.apkg) - this is the required user interaction step reflected in CVSS UI:R. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 score of 6.5 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) reflects a realistic threat model: no attacker privileges or special configuration required, but a user interaction step (importing the malicious deck) limits automated exploitation. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker publishes a malicious Anki deck package (.apkg) - disguised as a legitimate study resource - to a community sharing site or delivers it via phishing. When a victim imports the deck, an embedded iframe loads and calls the unprotected internal localhost API method getImageForOcclusion or similar endpoints to read sensitive files (e.g., SSH private keys, stored credentials) from the victim's filesystem and transmits them to an attacker-controlled server via outbound HTTP. …
Remediation Vendor-released patch: 25.09.4. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-58266 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy