We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-49091



Description

KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet:// or rlogin:// URL. This can be executed regardless of whether the ssh, telnet, or rlogin binary is available. In this mode, there is a code path where if that binary is not available, Konsole falls back to using /bin/bash for the given arguments (i.e., the URL) provided. This allows an attacker to execute arbitrary code.

Reserved 2025-05-31 | Published 2025-06-11 | Updated 2025-06-11 | Assigner mitre


HIGH: 8.2CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L

Problem types

CWE-670 Always-Incorrect Control Flow Implementation

Product status

Default status
unaffected

Any version before 25.04.2
affected

References

invent.kde.org/utilities/konsole/-/tags

konsole.kde.org/changelog.html

www.openwall.com/lists/oss-security/2025/06/10/5

invent.kde.org/...t/09d20dea109050b4c02fb73095f327b5642a2b75

kde.org/info/security/advisory-20250609-1.txt

proofnet.de/publikationen/konsole_rce.html

cve.org (CVE-2025-49091)

nvd.nist.gov (CVE-2025-49091)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-49091

Support options

Helpdesk Chat, Email, Knowledgebase