How severe is CVE-2025-67859?

The severity of CVE-2025-67859 has not been assessed with CVSS v3.

CVE-2025-67859

NONE

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1.

Published: 1/14/2026Updated: 1/14/2026

Description

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1.

AI AnalysisPowered by AI

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-67859
https://security.opensuse.org/2026/01/07/tlp-polkit-authentication-bypass.html