AI description
CVE-2025-66034 affects fontTools, a Python library for manipulating fonts. Specifically, versions 4.33.0 to before 4.60.2 contain an arbitrary file write vulnerability within the `fontTools.varLib` script. This vulnerability can be triggered when processing a malicious `.designspace` file. The vulnerability lies in the `main()` code path of `fontTools.varLib`, which is used by the `fonttools varLib` CLI and any code that invokes `fontTools.varLib.main()`. Successful exploitation could allow a malicious user to write arbitrary files on the file system, potentially leading to remote code execution. The issue has been addressed in version 4.60.2.
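Two defender-side checks for the record above, written here as an added example rather than code from the fontTools project: a version-range test using the affected bounds given on this page (4.33.0 inclusive to 4.60.2 exclusive) and a pre-scan that refuses a `.designspace` whose `filename` attributes resolve outside the project directory. The scan assumes the unsanitized paths are the `filename` attributes of `<source>`/`<instance>` elements; the advisory text itself says only that path sanitization is missing.

```python
# Added example (not fontTools project code): pre-flight checks for CVE-2025-66034.
# Assumption: the unsanitized paths are the `filename` attributes of <source> and
# <instance> elements in the designspace XML; the advisory only states that
# path sanitization is missing in fontTools.varLib.main().
import os
import xml.etree.ElementTree as ET
from itertools import takewhile

AFFECTED_START = (4, 33, 0)  # versionStartIncluding from the NVD CPE match
FIXED_VERSION = (4, 60, 2)   # versionEndExcluding: first patched release


def parse_version(version: str) -> tuple:
    """'4.50.0' -> (4, 50, 0); non-digit suffixes such as 'rc1' are dropped."""
    parts = [int("".join(takewhile(str.isdigit, p)) or 0) for p in version.split(".")[:3]]
    return tuple(parts + [0] * (3 - len(parts)))


def is_affected(version: str) -> bool:
    """True when the installed fontTools version lies in the vulnerable range."""
    return AFFECTED_START <= parse_version(version) < FIXED_VERSION


def unsafe_designspace_paths(xml_text: str, base_dir: str) -> list:
    """Every `filename` attribute that resolves outside base_dir (absolute or ../)."""
    base = os.path.realpath(base_dir)
    escaped = []
    for elem in ET.fromstring(xml_text).iter():
        filename = elem.get("filename")
        if filename is None:
            continue
        # os.path.join discards base when filename is absolute; realpath folds ../
        resolved = os.path.realpath(os.path.join(base, filename))
        if os.path.commonpath([base, resolved]) != base:
            escaped.append(filename)
    return escaped


# Constructed sample: one master inside the project, one ../ traversal, one absolute path.
SAMPLE_DESIGNSPACE = """<designspace format="5.0">
  <axes><axis tag="wght" name="Weight" minimum="100" maximum="900" default="400"/></axes>
  <sources>
    <source filename="masters/Regular.ufo" name="Regular"/>
    <source filename="../../escaped/Bold.ufo" name="Bold"/>
  </sources>
  <instances><instance filename="/opt/escaped/Light.ttf" name="Light"/></instances>
</designspace>"""

if __name__ == "__main__":
    print("fontTools 4.50.0 affected:", is_affected("4.50.0"))
    print("escaping paths:", unsafe_designspace_paths(SAMPLE_DESIGNSPACE, "/srv/fonts/project"))
```

Run the scan on a designspace before handing it to `fonttools varLib`; a non-empty result means the file should be rejected, and a version in the affected range means upgrading to 4.60.2 or later is the actual fix.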
- Description
- fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python3 -m fontTools.varLib) script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The vulnerability affects the main() code path of fontTools.varLib, used by the fonttools varLib CLI and any code that invokes fontTools.varLib.main(). This issue has been patched in version 4.60.2.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
- Products
- fonttools
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security-advisories@github.com
- CWE-91
Just published my deep dive on CVE-2025-66034 🧵 fontTools varLib → Arbitrary File Write + XML Injection → RCE. Two missing sanitization checks. One file upload. Full shell. Full writeup + PoC code 🔗 https://t.co/JInWyRveMC #CVE #PenTest #OffSec #HTB #RedTeam
@big_notation
22 Mar 2026
Our pentest agent captured 4 flags on @hackthebox_eu box today: - rank: #933 globally (+1363 spots in 48hrs) - stars: ⭐72 - forks: 🍴10 What went down: ✅ fonttools 4.50.0 (CVE-2025-66034): XML designspace file with no path sanitization. wrote a PHP webshell straigh
@transilienceai
18 Mar 2026
Our pentest agent captured 4 flags on Hack the box today: - rank: #933 globally (+1363 spots in 48hrs) - stars: ⭐72 - forks: 🍴10 What went down: ✅ fonttools 4.50.0 (CVE-2025-66034): XML designspace file with no path sanitization. wrote a PHP webshell straight into
@transilienceai
18 Mar 2026
4 flags. 4 CVEs. 1 agent that failed yesterday and won today. - rank: #933 globally (+1363 spots in 48hrs) - stars: ⭐72 - forks: 🍴10 What went down: ✅ fonttools 4.50.0 (CVE-2025-66034): XML designspace file with no path sanitization. wrote a PHP webshell straight i
@transilienceai
18 Mar 2026
Just rooted VariaType on @hackthebox_eu! LFI source leak via ....// bypass; RCE via FontTools injection (CVE-2025-66034); Lateral move via filename command injection; Rooted via setuptools PackageIndex path traversal 🔗 https://t.co/bqrqA3lQ3N #HackTheBox #HTB #CyberSecuri
@bundibrianx
15 Mar 2026
SECURITY ALERT: CVE-2025-66034 Exploit Fix & Mitigation Guide Read more: https://t.co/pudevNRNqq #Cybersecurity #CVE https://t.co/bxke1sokA8
@SecReportCVE
24 Dec 2025
URGENT: #Fedora 42 critical RCE vulnerability CVE-2025-66034 in #python-unicodedata2/fonttools. Arbitrary file write via malicious .designspace files leads to full system compromise. Read more: 🔗 https://t.co/2cP9hnQMpy #Security https://t.co/TV7wwE7aQX
@Cezar_H_Linux
20 Dec 2025
Technical Security Advisory: CVE-2025-66034 Severity: High. Arbitrary file write leading to Remote Code Execution in fontTools via malicious .designspace file parsing. Read more: 🔗 https://t.co/iTtAFf6dOD #Security #Ubuntu https:
@Cezar_H_Linux
20 Dec 2025
csirt_it: ‼ #PoC available for exploiting CVE-2025-66034, present in the well-known #fontTools library. Risk: [icon] Type: 🔸 Arbitrary Code Execution 🔸 Remote Code Execution 🔸 Privilege Escalation 🔗 https://t.co/g9qXL2LqG1 ⚠ Important to keep
@Vulcanux_
29 Nov 2025
‼ #PoC available for exploiting CVE-2025-66034, present in the well-known #fontTools library. Risk: [icon] Type: 🔸 Arbitrary Code Execution 🔸 Remote Code Execution 🔸 Privilege Escalation 🔗 https://t.co/ricQMbS0Fo ⚠ Important to keep updated
@csirt_it
29 Nov 2025
CVE-2025-66034 fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python3 -m fontTools.varLib) scri… https://t.co/Au1nLEhnlM
@CVEnew
29 Nov 2025
CVE-2025-66034 Arbitrary File Write Vulnerability in fontTools varLib Leading to Remote Code Execution https://t.co/IOTI7aWCHn
@VulmonFeeds
29 Nov 2025
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fonttools:fonttools:*:*:*:*:*:python:*:*",
"matchCriteriaId": "76CBDF6D-E062-4632-8E9B-027EC11860C7",
"versionEndExcluding": "4.60.2",
"versionStartIncluding": "4.33.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]