Nixpkgs security tracker
Permalink
CVE-2026-41526
6.5 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): LOW
by @LeSuisse Activity log
- Created suggestion
- @LeSuisse ignored
- @LeSuisse accepted
- @LeSuisse published on GitHub
In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely …
In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path to handle user input are affected and could be exploited. In particular, because sendInput() sends a string to a terminal, a control character such as \x01 can be used during injection.
References
Affected products
KCoreAddons
- <6.25
Matching in nixpkgs
pkgs.libsForQt5.kcoreaddons
None
pkgs.kdePackages.kcoreaddons
KCoreAddons
Package maintainers
-
@K900 Ilya K. <me@0upti.me>
-
@bkchr Bastian Köcher <nixos@kchr.de>
-
@nyanloutre Paul Trehiou <paul@nyanlout.re>
-
@FRidh Frederik Rietdijk <fridh@fridh.nl>
-
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
-
@NickCao Nick Cao <nickcao@nichi.co>
-
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
-
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
-
@mjm Matt Moriarity <matt@mattmoriarity.com>
-
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
-
@peterhoeg Peter Hoeg <peter@hoeg.com>