Disclosed on June 19, 2026 (updated June 19, 2026)
PGV-264501X is a category 2 vulnerability that affects aqt, versions < 25.9.3.
The risk assessment shows that this vulnerability is exploited by an external attacker: an unauthorized external actor who attempts to exploit this vulnerability without legitimate access.
The impact is contained to the application. Exploitation remains confined to the application and cannot affect the host environment or external systems.
The threat damage has no measurable impact. Exploitation does not result in a meaningful impact to service or data.
Anki launches a local HTTP server to serve media files and web pages for parts of its interface. The server fails to validate requests in the following ways:
This allows malicious websites to exfiltrate local files given a known path.
The severity varies by browser because of Private Network Access (PNA), a newer spec that restricts web pages from making requests to localhost/local network addresses:
Chrome/Chromium (including Edge, Brave): Largely protected, as Chrome has implemented PNA restrictions for several years and now puts local network access behind a permission prompt.
Safari: Hasn't implemented PNA yet, though macOS has some OS-level protections.
Firefox: Most vulnerable — hasn't implemented PNA yet, though it's reportedly planned for Firefox 151.
The issue was fixed as of Anki 25.09.3.
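Because browser-side PNA coverage is uneven, a loopback file server has to reject cross-site requests itself. The following is an added example of that kind of request validation, not Anki's code or its actual fix; the function name, the allowed host names, the port and the specific checks (Host, Origin, Sec-Fetch-Site, path containment) are assumptions chosen for illustration.

```python
import os
from urllib.parse import urlsplit

LOOPBACK_HOSTS = {"127.0.0.1", "localhost"}  # assumed names the server is reached by


def allow_request(headers, path, media_root, port):
    """Return (allowed, reason) for a request to a loopback-only file server."""
    h = {k.lower(): v for k, v in headers.items()}

    # 1. Host must name the loopback listener and its port; a rebinding
    #    attack arrives with the attacker's own host name here.
    name, _, host_port = h.get("host", "").rpartition(":")
    if name not in LOOPBACK_HOSTS or host_port != str(port):
        return False, "bad host"

    # 2. If the browser sent an Origin, it must be the server itself.
    origin = h.get("origin")
    if origin is not None:
        try:
            o = urlsplit(origin)
            same = (o.scheme == "http" and o.hostname in LOOPBACK_HOSTS
                    and o.port == port)
        except ValueError:  # malformed port in the Origin value
            same = False
        if not same:
            return False, "cross-origin"

    # 3. Fetch metadata: refuse anything the browser labels as coming from
    #    another site ("none" means user-initiated navigation).
    if h.get("sec-fetch-site", "same-origin") not in ("same-origin", "none"):
        return False, "cross-site fetch"

    # 4. The resolved file must stay inside the media directory, so a
    #    known absolute path elsewhere on disk cannot be requested.
    root = os.path.realpath(media_root)
    target = os.path.realpath(os.path.join(root, path.lstrip("/")))
    if os.path.commonpath([root, target]) != root:
        return False, "outside media root"

    return True, "ok"
```

A server would call this before opening any file and answer 403 on a `False` result, without reflecting the reason or adding permissive CORS headers.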
| Network Exposure | External: Accessible from the public internet |
| Access Interface | Web Browser: Primarily web-based applications |
| Service Outage | Disruptive: Operations would be impacted |
| Data Breach | Disruptive: Operations would be impacted |
| Data Tampering | Disruptive: Operations would be impacted |