CVE-2024-26020
Description
A specially crafted flashcard can exploit Anki's MPV functionality to achieve arbitrary code execution by injecting command-line arguments.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
Description
CVE-2024-26020 is an arbitrary script execution vulnerability in the MPV functionality of Ankitects Anki 24.04. The root cause is the lack of sanitization of filenames passed to the MPV media player: Anki builds the player command line as subprocess.Popen(self.args + [tag.filename], ...) with no -- separator, so a filename that begins with - is parsed by mpv as an option rather than as the file to play, which lets an attacker inject additional MPV command-line arguments through a crafted filename [1][2][3].
Exploitation
Method
An attacker can embed a specially crafted [sound:...] tag in a flashcard, where the filename portion is replaced with arbitrary MPV arguments. For example, [sound:--include=extra.conf] loads an external configuration file. The attacker can then provide a configuration file that loads a Lua script using script=run.lua and sets idle=yes to keep MPV running, resulting in arbitrary code execution [3]. The attack requires no authentication; the victim only needs to view or study the malicious flashcard [2].
Impact
Successful exploitation grants the attacker arbitrary code execution on the victim's system, with a CVSSv3 score of 9.6 (Critical) due to the attack vector being over the network, low complexity, no privileges required, user interaction required, and high impact on confidentiality, integrity, and availability [2][3]. This could lead to full system compromise, data theft, or installation of malware.
Mitigation
The vulnerability was fixed in commit 8d2e8b1e4fa3757581f224b1a57057d0455352ce, which inserts a -- separator before the filename in both the MPV and the MPlayer subprocess calls, so the player stops option parsing before it reaches the filename and injected arguments are treated as a (non-existent) file name instead [4]. Users should update Anki to a version containing this fix (24.06 or later according to the GitHub advisory). There is no mention of this CVE being listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
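To make the before/after concrete, the following is an added example (not Anki's own code) that builds the mpv argv the way the pre-fix and post-fix _play methods do and runs both through a small model of mpv's end-of-options handling, then adds a defender-side check that flags [sound:] tags whose filename starts with -. The flags in MPV_ARGS, the SOUND_TAG regex and the simplified parser model are assumptions made for this example; the crafted filename is the one named in the advisory.

```python
import re

# [sound:filename] tag regex, constructed for this example (Anki's real media-tag
# parser is not reproduced here).
SOUND_TAG = re.compile(r"\[sound:([^\]]+)\]")

# Base mpv command line standing in for Anki's self.args; these flags are assumptions.
MPV_ARGS = ["mpv", "--no-terminal", "--force-window=no"]


def build_argv_vulnerable(args: list[str], filename: str) -> list[str]:
    """Pre-fix shape: the filename follows the options with nothing in between."""
    return args + [filename]


def build_argv_fixed(args: list[str], filename: str) -> list[str]:
    """Post-fix shape from commit 8d2e8b1e4fa3: a bare '--' ends option parsing."""
    return args + ["--", filename]


def split_options_and_files(argv: list[str]) -> tuple[list[str], list[str]]:
    """Simplified model of mpv's command-line handling: a token starting with '-'
    is an option until a bare '--' appears, after which every token is a file."""
    options: list[str] = []
    files: list[str] = []
    end_of_options = False
    for token in argv[1:]:  # argv[0] is the program name
        if end_of_options:
            files.append(token)
        elif token == "--":
            end_of_options = True
        elif token.startswith("-"):
            options.append(token)
        else:
            files.append(token)
    return options, files


def suspicious_sound_tags(field_html: str) -> list[str]:
    """Defender-side check for one card field: return [sound:] filenames that the
    pre-fix code would have handed to mpv as options, i.e. ones starting with '-'."""
    return [name for name in SOUND_TAG.findall(field_html)
            if name.lstrip().startswith("-")]


if __name__ == "__main__":
    crafted = "--include=extra.conf"  # filename from the advisory
    for label, argv in (("vulnerable", build_argv_vulnerable(MPV_ARGS, crafted)),
                        ("fixed", build_argv_fixed(MPV_ARGS, crafted))):
        opts, files = split_options_and_files(argv)
        print(f"{label}: options={opts} files={files}")
```

Running it shows the crafted name landing in the option list for the pre-fix argv and in the file list for the post-fix one; suspicious_sound_tags can be applied to exported note fields to find cards that would have triggered the bug on an unpatched client.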
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| anki (PyPI) | < 24.06 | 24.06 |
Patches
8d2e8b1e4fa3 Pass -- to mpv/mplayer before filename (#3219)
1 file changed · +2 −2
qt/aqt/sound.py+2 −2 modified@@ -306,7 +306,7 @@ def stop(self) -> None: def _play(self, tag: AVTag) -> None: assert isinstance(tag, SoundOrVideoTag) self._process = subprocess.Popen( - self.args + [tag.filename], + self.args + ["--", tag.filename], env=self.env, cwd=self._media_folder, stdout=subprocess.DEVNULL, @@ -478,7 +478,7 @@ def _play(self, tag: AVTag) -> None: filename = hooks.media_file_filter(tag.filename) self._process = subprocess.Popen( - self.args + [filename], + self.args + ["--", filename], env=self.env, cwd=self.media_folder, stdin=subprocess.PIPE,
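Review bot: In the first hunk (@@ -306, the mpv backend) the inserted `"--"` in `self.args + ["--", tag.filename]` is the entire fix, yet it carries no comment; add one stating that it is mpv's end-of-options marker so that a `[sound:...]` filename beginning with `-` is taken as the file to play rather than as an option, otherwise the token looks incidental and is easy to drop in a later refactor. A regression test that builds the argv for a filename starting with `-` and asserts that `"--"` immediately precedes it would pin the behaviour down.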
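Review bot: In the second hunk (@@ -478, the MPlayer backend) the `"--"` is correctly placed after `filename = hooks.media_file_filter(tag.filename)`, so whatever the hook returns stays positional, but the hunk assumes MPlayer honours `--` as an end-of-options marker the same way mpv does; please confirm that against the MPlayer build Anki ships with and record it in the commit message, because if MPlayer did not stop option parsing there this backend would remain injectable. The same explanatory comment requested for the mpv call belongs here too.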
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/advisories/GHSA-9gq7-p5w9-w899 (advisory, via GHSA)
- nvd.nist.gov/vuln/detail/CVE-2024-26020 (advisory, via GHSA)
- github.com/ankitects/anki/commit/8d2e8b1e4fa3757581f224b1a57057d0455352ce (web, via GHSA)
- skerritt.blog/anki-0day (web, via GHSA)
- skii.dev/anki-0day (web, via GHSA)
- talosintelligence.com/vulnerability_reports/TALOS-2024-1993 (web, via GHSA)
News mentions
No linked articles in our index yet.