CVE-2025-69412

Published January 1st, 2026

View on NVD ↗

CVSS v3

3.4

LOW

CVSS v2

N/A

Affected

PROJECT

Description

KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API (aka phishing API), which might allow spoofing of threat data. NOTE: this Lookup API is not contacted in the messagelib default configuration.

KDE/messagelib

Library components for messages (e.g. displaying Akonadi collections)

GitHub