Auth bypass in Https://github.com/linrunner Tlp

CVE-2025-67859

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1.

Vulnerability class: Broken Authentication

EPSS: 0.002 (10.3th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References