oss-sec: On the issue of MIME handlers that execute arbitrary code (e.g. Wine)

KDE Kdenlive: Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file i…

Risk 54
Severity 6.5
First published (updated )

KDE KCoreAddons: In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they…

Risk 68
Severity 7.8
First published (updated )

KDE Dolphin: KDE Dolphin before 25.12.3 allows applications in a Flatpak (or with AppArmor confinement) to open f…

Risk 56
Severity 6.5
First published (updated )

KDE plasma-login-manager: plasma-login-manager: Weaknesses in plasmaloginauthhelper (CVE-2026-25710)

Risk 69
Severity 7
First published (updated )

oss-sec: plasma-login-manager: Weaknesses in plasmaloginauthhelper (CVE-2026-25710)

KDE Arianna (bookserver): bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by …

Risk 21
Severity 4
First published (updated )

KDE Kleopatra: KDE Kleopatra before 26.08.0 on Windows allows local users to obtain the privileges of a Kleopatra u…

Risk 58
Severity 6.9
First published (updated )

KDE Plasma 6.6: End of life details

First published (updated )

KDE messagelib: KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing…

Risk 19
Severity 3.4
First published (updated )

oss-sec: smb4k: Major Vulnerabilities in KAuth Helper (CVE-2025-66002, CVE-2025-66003)

KDE KDE Connect: The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore al…

Risk 32
Severity 4.7
First published (updated )

KDE KDE Connect: In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to u…

Risk 22
Severity 4.3
First published (updated )

KDE KDE Connect: In KDE Connect before 1.33.0 on Android, malicious device IDs (sent via broadcast UDP) could cause a…

Risk 22
Severity 4.3
First published (updated )

KDE KDE Connect: The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This …

Risk 32
Severity 4.7
First published (updated )

KDE KDE Connect: In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to tempo…

Risk 22
Severity 4.3
First published (updated )

KDE Skanpage: In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new f…

Risk 18
Severity 3.2
First published (updated )

KDE Krita: Buffer Overflow

Risk 45
Severity 6.7
First published (updated )

KDE Krita: Krita TGA File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Risk 51
First published (updated )
Advisory ZDI-25-972

KDE Krita: ZDI-25-972: Krita TGA File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Risk 58
First published (updated )

KDE Plasma 6.5: Reached end of life

EOL Feb 17, 2026
Support Ends Feb 17, 2026
First published (updated )

KDE Plasma 6.4: Reached end of life

EOL Oct 21, 2025
Support Ends Oct 21, 2025
First published (updated )

KDE Konsole: KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading U…

Risk 33
Severity 7
First published (updated )

KDE Konsole: Konsole: Code execution from web browser using URL schemes handled by KDE's KTelnetService and Konsole < 25.04.2

Risk 52
Severity 8.2
EPSS 0.12%
First published (updated )

Code execution from web browser using URL schemes handled by KDE's KTelnetService and Konsole (CVE-2025-49091)

First published (updated )
Social reddit

KDE Plasma 6.3: Reached end of life

EOL Jun 17, 2025
Support Ends Jun 17, 2025
First published (updated )

KDE Ark: libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive.

Risk 31
Severity 5
First published (updated )

KDE Plasma 6.2: Reached end of life

EOL Feb 11, 2025
Support Ends Feb 11, 2025
First published (updated )

KDE kmail: ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an a…

Risk 42
Severity 5.9
First published (updated )