All 3 CVE vulnerabilities found in Constructor, with AI-generated Chinese analysis, references, and POCs.
Vendor: conda
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-64343 | (conda) Constructor: Excessive permissions during and after installation CWE-289 | 7.8 | High | 2025-11-07 |
| CVE-2025-9194 | Constructor <= 1.6.5 - Missing Authorization to Authenticated (Subscriber+) Theme Clean CWE-862 | 4.3 | Medium | 2025-10-03 |
| CVE-2025-49823 | Conda Constructor Command Injection via Unsanitized User Input (Low) CWE-77 | - | - | 2025-06-17 |
All 3 known CVE vulnerabilities affecting Constructor with full Chinese analysis, references, and POCs where available.