Multiple vulnerabilities in KDE Kdenlive and Okular allowing remote code execution, security bypass, data manipulation, information disclosure, and denial of service

72% confidence

Description

Multiple vulnerabilities in KDE Kdenlive and Okular can be exploited by a remote anonymous attacker to execute arbitrary code, bypass security measures, manipulate data, disclose confidential information, or cause a denial-of-service condition.

Affected Products

Vendor	Product	Versions
kde	kdenlive and okular	—

Related News (1 articles)

Tier B

BSI Advisories9h ago

[NEU] [hoch] KDE Kdenlive und Okular: Mehrere Schwachstellen

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

PublishedMay 11, 2026

Last enriched8h ago

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

MEDIUMCVE-2026-45184

CVE-2026-45184: Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used.

Trending: 20

MEDIUMCVE-2026-41526

CVE-2026-41526: In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a

Trending: 11

MEDIUMCVE-2026-41525

CVE-2026-41525: KDE Dolphin before 25.12.3 allows applications in a Flatpak (or with AppArmor confinement) to open folders outside of th

Trending: 8

MEDIUMCVE-2026-42095EXP

CVE-2026-42095: bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL.

Trending: 3

MEDIUMCVE-2026-41527

CVE-2026-41527: KDE Kleopatra before 26.08.0 on Windows allows local users to obtain the privileges of a Kleopatra user, because there i

Trending: 3

Pin to Dashboard

Verification

State: reported

Confidence: 72%

Vulnerability Timeline

CVE Published

May 11, 2026

Discovered by ZDM

May 11, 2026