Skip to main content

Emacs

20 CVEs product

Monthly

CVE-2026-6861 MEDIUM PATCH This Month

Memory corruption in GNU Emacs SVG/CSS processing allows local attackers to trigger denial of service or information disclosure by convincing users to open specially crafted SVG files. The vulnerability requires user interaction (file opening) and local access, but results in significant impact including service disruption and potential data leakage through memory corruption exploitation.

Information Disclosure Denial Of Service Buffer Overflow Emacs
NVD VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2024-53920 HIGH This Week

In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Emacs
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-39331 CRITICAL PATCH Act Now

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection RCE Emacs
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-30205 HIGH PATCH This Week

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Emacs Org Mode Debian Linux
NVD
CVSS 3.1
7.1
EPSS
0.5%
CVE-2024-30204 LOW PATCH Monitor

In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Emacs Org Mode Debian Linux
NVD
CVSS 3.1
2.8
EPSS
0.5%
CVE-2024-30203 MEDIUM PATCH This Month

In Emacs before 29.3, Gnus treats inline MIME contents as trusted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Emacs Org Mode Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2024-30202 HIGH PATCH This Week

In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection RCE Emacs Org Mode
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2023-2491 HIGH This Week

A flaw was found in the Emacs text editor. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Command Injection Emacs Enterprise Linux Enterprise Linux Eus +2
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-27986 HIGH PATCH This Week

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Code Injection Emacs
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-27985 HIGH PATCH This Week

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Emacs
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-45939 HIGH PATCH This Week

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Emacs Debian Linux Fedora
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2017-1000383 MEDIUM This Month

GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Emacs
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-14482 HIGH PATCH This Week

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Emacs Debian Linux
NVD
CVSS 3.0
8.8
EPSS
4.6%
CVE-2014-9483 HIGH This Week

Emacs 24.4 allows remote attackers to bypass security restrictions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emacs
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2014-3424 LOW Monitor

lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Mageia Emacs
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2014-3423 LOW Monitor

lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Mageia Emacs
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2014-3422 LOW Monitor

lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Emacs Mageia
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2014-3421 LOW Monitor

lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Mageia Emacs
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2012-3479 MEDIUM PATCH This Month

lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

RCE Emacs
NVD
CVSS 2.0
6.8
EPSS
2.3%
CVE-2012-0035 CRITICAL PATCH Act Now

Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Information Disclosure Cedet Emacs
NVD
CVSS 2.0
9.3
EPSS
4.0%
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Memory corruption in GNU Emacs SVG/CSS processing allows local attackers to trigger denial of service or information disclosure by convincing users to open specially crafted SVG files. The vulnerability requires user interaction (file opening) and local access, but results in significant impact including service disruption and potential data leakage through memory corruption exploitation.

Information Disclosure Denial Of Service Buffer Overflow +1
NVD VulDB
EPSS 1% CVSS 7.8
HIGH This Week

In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Emacs
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection RCE Emacs
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Emacs Org Mode +1
NVD
EPSS 0% CVSS 2.8
LOW PATCH Monitor

In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Emacs Org Mode +1
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

In Emacs before 29.3, Gnus treats inline MIME contents as trusted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Emacs Org Mode +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection RCE Emacs +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A flaw was found in the Emacs text editor. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Command Injection Emacs +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Code Injection Emacs
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Emacs
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Emacs Debian Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Emacs
NVD
EPSS 5% CVSS 8.8
HIGH PATCH This Week

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Emacs Debian Linux
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Emacs 24.4 allows remote attackers to bypass security restrictions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emacs
NVD
EPSS 0% CVSS 3.3
LOW Monitor

lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Mageia Emacs
NVD
EPSS 0% CVSS 3.3
LOW Monitor

lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Mageia Emacs
NVD
EPSS 0% CVSS 3.3
LOW Monitor

lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Emacs Mageia
NVD
EPSS 0% CVSS 3.3
LOW Monitor

lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Mageia Emacs
NVD
EPSS 2% CVSS 6.8
MEDIUM PATCH This Month

lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

RCE Emacs
NVD
EPSS 4% CVSS 9.3
CRITICAL PATCH Act Now

Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Information Disclosure Cedet Emacs
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy