NIXPKGS-2026-1209

GitHub issue published on

Permalink CVE-2026-41527

6.9 MEDIUM

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

updated 1 week ago by @LeSuisse Activity log

Created suggestion 1 week ago
@LeSuisse accepted 1 week ago
@LeSuisse published on GitHub 1 week ago

KDE Kleopatra before 26.08.0 on Windows allows local users to …

KDE Kleopatra before 26.08.0 on Windows allows local users to obtain the privileges of a Kleopatra user, because there is an error in the mechanism (KUniqueService) for ensuring that only one instance is running.

References

Ignored references (1)

https://github.com/KDE/kleopatra/releases

Affected products

Kleopatra

<26.08.0

Matching in nixpkgs

pkgs.kdePackages.kleopatra

Certificate manager and GUI for OpenPGP and CMS cryptography

nixos-unstable 26.04.0
- nixpkgs-unstable 25.12.3
- nixos-unstable-small 26.04.0
nixos-25.11 25.08.3
- nixos-25.11-small 25.08.3
- nixpkgs-25.11-darwin 25.08.3

Package maintainers

@nyanloutre Paul Trehiou <paul@nyanlout.re>
@K900 Ilya K. <me@0upti.me>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@FRidh Frederik Rietdijk <fridh@fridh.nl>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@NickCao Nick Cao <nickcao@nichi.co>
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@peterhoeg Peter Hoeg <peter@hoeg.com>
@bkchr Bastian Köcher <nixos@kchr.de>

Nixpkgs security tracker

Details of issue NIXPKGS-2026-1209

References

Affected products

Matching in nixpkgs

pkgs.kdePackages.kleopatra

Package maintainers