Use of Potentially Dangerous Function

CVE-2025-65117

High

8.5/10

Summary

The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Designer User) to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts with the graphical elements.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: CHANGED
User Interaction: REQUIRED
Privileges Required: HIGH
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-676 - Use of Potentially Dangerous Function

The program invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function can also be used safely.

References

Advisory Timeline

Published Jan 16, 2026

Use of Potentially Dangerous Function

CVE-2025-65117

Summary

CWE-676 - Use of Potentially Dangerous Function

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS