VYPR
Unrated severityOSV Advisory· Published Jul 8, 2026

Debian anki: Anki is a program for creating and reviewing flashcards. Prior to 25.09.3, Anki …

CVE-2026-59153

Description

Anki is a program for creating and reviewing flashcards. Prior to 25.09.3, Anki launches a local HTTP server to serve media files and web pages for parts of its interface, but requests from other origins were not sufficiently blocked. A malicious website could potentially trigger side-effecting requests to the local server, with severity varying by browser depending on Private Network Access protections. This issue is fixed in version 25.09.3.

Affected products

3

Patches

Vulnerability mechanics

News mentions

0

No linked articles in our index yet.