Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-43711

Tunnelblick 3.5beta06 before 7.0, when incompletely uninstalled, allows attackers to execute arbitrary code as root (upon the next boot) by dragging a crafted Tunnelblick.app file into /Applications.

Published

2025-07-05T00:15:23.733

Last Modified

2025-07-08T16:18:53.607

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

Weaknesses

Type: Primary
CWE-459

Affected Vendors & Products

References

https://tunnelblick.net/cCVE-2025-43711.html ([email protected])
https://tunnelblick.net/downloads.html ([email protected])