CVE-2025-66270

Published
View on NVD ↗
CVSS v3
4.7
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS

Description

The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This affects KDE Connect before 25.12 on desktop, KDE Connect before 0.5.4 on iOS, KDE Connect before 1.34.4 on Android, GSConnect before 68, and Valent before 1.0.0.alpha.49.

GSConnect/gnome-shell-extension-gsconnect
GSConnect/gnome-shell-extension-gsconnect
KDE Connect implementation for GNOME
GitHubGitHub
3.66K
andyholmes/valent
andyholmes/valent
Connect, control and sync devices
GitHubGitHub
864