Arduino Ide
Approved changes feed: RSS · Atom
cpe:2.3:a:arduino:arduino_ide:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Arduino (a6c9e11a-439e-5c89-be14-a8208b9cb88c) |
|---|---|
| Product | Arduino Ide (e4efbda9-a9db-51ce-9603-b7b9013c3683) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/arduino/arduino-ide |
purl2cpe | 2026-06-19 13:12:39.528368 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-64724 |
vulnerable | 2026-06-08 07:39:20.201133 |
Arduino IDE for macOS has Insecure File Permissions
Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS is installed with world-writable file permissions on sensitive application components, allowing any local user to replace legitimate files with malicious code. When another user launches the application, the malicious code executes with that user's privileges, enabling privilege escalation and unauthorized access to sensitive data. The fix is included starting from the `2.3.7` release.
Published: 2025-12-18T15:18:39.642Z
Updated: 2025-12-18T19:06:40.437Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-64723 |
vulnerable | 2026-06-08 07:39:20.200502 |
Arduino IDE for macOS has TCC Bypass via Dynamic Library Injection
Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS was configured with overly permissive security entitlements that could bypass macOS Hardened Runtime protections. This configuration allows attackers to inject malicious dynamic libraries into the application process, gaining access to all TCC (Transparency, Consent, and Control) permissions granted to the application. The fix is included starting from the `2.3.7 ` release.
Published: 2025-12-18T15:15:15.883Z
Updated: 2026-01-14T16:41:03.867Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.