CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-12120

Lite XL versions 2.1.8 and prior automatically execute the .lite_project.lua file when opening a project directory, without prompting the user for confirmation. The .lite_project.lua file is intended for project-specific configuration but can contain executable Lua logic. This behavior could allow execution of untrusted Lua code if a user opens a malicious project, potentially leading to arbitrary code execution with the privileges of the Lite XL process.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.5%

CVSS Severity

CVSS v3 Score 7.3

References

Products affected by CVE-2025-12120

Lite-Xl » Lite Xl » Version: 1.0

cpe:2.3:a:lite-xl:lite_xl:1.0
Lite-Xl » Lite Xl » Version: 1.01

cpe:2.3:a:lite-xl:lite_xl:1.01
Lite-Xl » Lite Xl » Version: 1.02

cpe:2.3:a:lite-xl:lite_xl:1.02
Lite-Xl » Lite Xl » Version: 1.03

cpe:2.3:a:lite-xl:lite_xl:1.03
Lite-Xl » Lite Xl » Version: 1.04

cpe:2.3:a:lite-xl:lite_xl:1.04
Lite-Xl » Lite Xl » Version: 1.05

cpe:2.3:a:lite-xl:lite_xl:1.05
Lite-Xl » Lite Xl » Version: 1.06

cpe:2.3:a:lite-xl:lite_xl:1.06
Lite-Xl » Lite Xl » Version: 1.07

cpe:2.3:a:lite-xl:lite_xl:1.07
Lite-Xl » Lite Xl » Version: 1.08

cpe:2.3:a:lite-xl:lite_xl:1.08
Lite-Xl » Lite Xl » Version: 1.09

cpe:2.3:a:lite-xl:lite_xl:1.09
Lite-Xl » Lite Xl » Version: 1.10

cpe:2.3:a:lite-xl:lite_xl:1.10
Lite-Xl » Lite Xl » Version: 1.11

cpe:2.3:a:lite-xl:lite_xl:1.11
Lite-Xl » Lite Xl » Version: 1.12

cpe:2.3:a:lite-xl:lite_xl:1.12
Lite-Xl » Lite Xl » Version: 1.13

cpe:2.3:a:lite-xl:lite_xl:1.13
Lite-Xl » Lite Xl » Version: 1.14

cpe:2.3:a:lite-xl:lite_xl:1.14
Lite-Xl » Lite Xl » Version: 1.14.1

cpe:2.3:a:lite-xl:lite_xl:1.14.1
Lite-Xl » Lite Xl » Version: 1.15

cpe:2.3:a:lite-xl:lite_xl:1.15
Lite-Xl » Lite Xl » Version: 1.15.1

cpe:2.3:a:lite-xl:lite_xl:1.15.1
Lite-Xl » Lite Xl » Version: 1.15.2

cpe:2.3:a:lite-xl:lite_xl:1.15.2
Lite-Xl » Lite Xl » Version: 1.15.3

cpe:2.3:a:lite-xl:lite_xl:1.15.3
Lite-Xl » Lite Xl » Version: 1.16.0

cpe:2.3:a:lite-xl:lite_xl:1.16.0
Lite-Xl » Lite Xl » Version: 1.16.1

cpe:2.3:a:lite-xl:lite_xl:1.16.1
Lite-Xl » Lite Xl » Version: 1.16.10

cpe:2.3:a:lite-xl:lite_xl:1.16.10
Lite-Xl » Lite Xl » Version: 1.16.11

cpe:2.3:a:lite-xl:lite_xl:1.16.11
Lite-Xl » Lite Xl » Version: 1.16.12

cpe:2.3:a:lite-xl:lite_xl:1.16.12
Lite-Xl » Lite Xl » Version: 1.16.2

cpe:2.3:a:lite-xl:lite_xl:1.16.2
Lite-Xl » Lite Xl » Version: 1.16.3

cpe:2.3:a:lite-xl:lite_xl:1.16.3
Lite-Xl » Lite Xl » Version: 1.16.4

cpe:2.3:a:lite-xl:lite_xl:1.16.4
Lite-Xl » Lite Xl » Version: 1.16.5

cpe:2.3:a:lite-xl:lite_xl:1.16.5
Lite-Xl » Lite Xl » Version: 1.16.6

cpe:2.3:a:lite-xl:lite_xl:1.16.6
Lite-Xl » Lite Xl » Version: 1.16.7

cpe:2.3:a:lite-xl:lite_xl:1.16.7
Lite-Xl » Lite Xl » Version: 1.16.8

cpe:2.3:a:lite-xl:lite_xl:1.16.8
Lite-Xl » Lite Xl » Version: 1.16.9

cpe:2.3:a:lite-xl:lite_xl:1.16.9
Lite-Xl » Lite Xl » Version: 2.0.0

cpe:2.3:a:lite-xl:lite_xl:2.0.0
Lite-Xl » Lite Xl » Version: 2.0.1

cpe:2.3:a:lite-xl:lite_xl:2.0.1
Lite-Xl » Lite Xl » Version: 2.0.2

cpe:2.3:a:lite-xl:lite_xl:2.0.2
Lite-Xl » Lite Xl » Version: 2.0.3

cpe:2.3:a:lite-xl:lite_xl:2.0.3
Lite-Xl » Lite Xl » Version: 2.0.4

cpe:2.3:a:lite-xl:lite_xl:2.0.4
Lite-Xl » Lite Xl » Version: 2.0.5

cpe:2.3:a:lite-xl:lite_xl:2.0.5
Lite-Xl » Lite Xl » Version: 2.1.0

cpe:2.3:a:lite-xl:lite_xl:2.1.0
Lite-Xl » Lite Xl » Version: 2.1.1

cpe:2.3:a:lite-xl:lite_xl:2.1.1
Lite-Xl » Lite Xl » Version: 2.1.2

cpe:2.3:a:lite-xl:lite_xl:2.1.2
Lite-Xl » Lite Xl » Version: 2.1.3

cpe:2.3:a:lite-xl:lite_xl:2.1.3
Lite-Xl » Lite Xl » Version: 2.1.4

cpe:2.3:a:lite-xl:lite_xl:2.1.4
Lite-Xl » Lite Xl » Version: 2.1.5

cpe:2.3:a:lite-xl:lite_xl:2.1.5
Lite-Xl » Lite Xl » Version: 2.1.6

cpe:2.3:a:lite-xl:lite_xl:2.1.6
Lite-Xl » Lite Xl » Version: 2.1.7

cpe:2.3:a:lite-xl:lite_xl:2.1.7
Lite-Xl » Lite Xl » Version: 2.1.8

cpe:2.3:a:lite-xl:lite_xl:2.1.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-12120

Products

Pricing

Contact Us