Vulnerability DatabaseCVE-2025-49091
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2025-49091
June 11, 2025
KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet:// or rlogin:// URL. This can be executed regardless of whether the ssh, telnet, or rlogin binary is available. In this mode, there is a code path where if that binary is not available, Konsole falls back to using /bin/bash for the given arguments (i.e., the URL) provided. This allows an attacker to execute arbitrary code.
Affected Packages
https://invent.kde.org/utilities/konsole.git (SCM_GIT):
Affected version(s) >=v1.1.0 <v25.04.2
Fix Suggestion:
Update to version v25.04.2
Related Resources (7)
https://kde.org/info/security/advisory-20250609-1.txt
https://www.openwall.com/lists/oss-security/2025/06/10/5
https://konsole.kde.org/changelog.html
https://invent.kde.org/utilities/konsole/-/commit/09d20dea109050b4c02fb73095f327b5642a2b75
https://proofnet.de/publikationen/konsole_rce.html
https://lists.debian.org/debian-lts-announce/2025/06/msg00019.html
https://invent.kde.org/utilities/konsole/-/tags
Do you need more information?
Contact Us
CVSS v4
Base Score:
8.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
HIGH
Vulnerable System Availability
LOW
Subsequent System Confidentiality
HIGH
Subsequent System Integrity
HIGH
Subsequent System Availability
LOW
CVSS v3
Base Score:
8.2
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
LOW
Weakness Type (CWE)
Always-Incorrect Control Flow Implementation
CWE-670
EPSS
Base Score:
0.19