NVD

Vulnerability Change Records for CVE-2025-4261

Action	Type	New Value
Added	Description	A vulnerability was found in GAIR-NLP factool up to 3f3914bc090b644be044b7e0005113c135d8b20f. It has been classified as critical. This affects the function run_single of the file factool/factool/math/tool.py. The manipulation leads to code injection. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Added	CVSS V4.0	AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Added	CVSS V3.1	AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Added	CVSS V2	(AV:L/AC:L/Au:S/C:P/I:P/A:P)
Added	CWE	CWE-74
Added	CWE	CWE-94
Added	Reference	https://github.com/GAIR-NLP/factool/issues/50
Added	Reference	https://github.com/GAIR-NLP/factool/issues/50#issue-3007905464
Added	Reference	https://vuldb.com/?ctiid.307365
Added	Reference	https://vuldb.com/?id.307365
Added	Reference	https://vuldb.com/?submit.562942