GNOME Yelp
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in GNOME Yelp.
By the Year
In 2026 there have been 0 vulnerabilities in GNOME Yelp. Last year, in 2025 Yelp had 1 security vulnerability published. Right now, Yelp is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 7.40 |
It may take a day or so for new Yelp vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent GNOME Yelp Security Vulnerabilities
Yelp GNOME Help Viewer RCE: Arbitrary Script Exec via Help Docs
CVE-2025-3155
7.4 - High
- April 03, 2025
A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.
Open Redirect
Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24
CVE-2008-3533
- August 18, 2008
Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs.
Use of Externally-Controlled Format String
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for GNOME Yelp or by GNOME? Click the Watch button to subscribe.
