CVE-2026-42095: Medium severity KDE Arianna (bookserver) vulnerability

Q: What is the severity of CVE-2026-42095?

CVE-2026-42095 is classified as a medium severity vulnerability due to its potential for unauthorized file access.

Q: How do I fix CVE-2026-42095?

To fix CVE-2026-42095, update the KDE Arianna bookserver to version 26.04.1 or later.

Q: What are the consequences of exploiting CVE-2026-42095?

Exploiting CVE-2026-42095 allows attackers to read sensitive files by guessing URLs, which can lead to data leakage.

Q: Which versions of KDE Arianna are affected by CVE-2026-42095?

KDE Arianna versions prior to 26.04.1 are vulnerable to CVE-2026-42095.

Q: Can I mitigate the risk of CVE-2026-42095 without updating?

Mitigating CVE-2026-42095 without updating is difficult, but restricting access to the bookserver may reduce the risk.

Published Apr 24, 2026

Updated

bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL.

Affected Software

1 affected component

KDE Arianna (bookserver)<26.04.1

Event History

Apr 24, 2026

CVE Published

via MITRE·12:00 AM

Data Sourced

via MITRE·12:00 AM

DescriptionSeverityWeakness

Data Sourced

via NVD·03:16 PM

DescriptionSeverityWeakness

Frequently Asked Questions

What is the severity of CVE-2026-42095?

CVE-2026-42095 is classified as a medium severity vulnerability due to its potential for unauthorized file access.

How do I fix CVE-2026-42095?

To fix CVE-2026-42095, update the KDE Arianna bookserver to version 26.04.1 or later.

What are the consequences of exploiting CVE-2026-42095?

Exploiting CVE-2026-42095 allows attackers to read sensitive files by guessing URLs, which can lead to data leakage.

Which versions of KDE Arianna are affected by CVE-2026-42095?

KDE Arianna versions prior to 26.04.1 are vulnerable to CVE-2026-42095.

Can I mitigate the risk of CVE-2026-42095 without updating?