Medium severity5.8NVD Advisory· Published Jun 5, 2025· Updated Apr 15, 2026
CVE-2025-49466
CVE-2025-49466
Description
aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path concatenation of the name of an attachment part,
Affected products
1Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.