CVE-2025-49091

HIGH
Published 2025-06-11T00:00:00.000Z

CVSS Score

V3.1: 8.2/10
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L

Base Score Metrics (decoded from the vector string)

Attack Vector: Network (AV:N)
Attack Complexity: High (AC:H)
Privileges Required: None (PR:N)
User Interaction: Required (UI:R)
Scope: Changed (S:C)
Confidentiality: High (C:H)
Integrity: High (I:H)
Availability: Low (A:L)

Description

KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. Konsole supports loading URLs handed to it by scheme handlers, such as an ssh://, telnet://, or rlogin:// URL, and this path is taken regardless of whether the ssh, telnet, or rlogin binary is available. In this mode there is a code path where, if that binary is not available, Konsole falls back to running /bin/bash with the given arguments (i.e., the URL). This allows an attacker to execute arbitrary code.
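As an added defender-side example (not code from KDE, the advisory, or this page), a POSIX sh triage script that reports whether a host is in the affected configuration the description gives: Konsole before 25.04.2 with at least one of ssh, telnet or rlogin absent from PATH. It assumes that `konsole --version` prints "konsole X.Y.Z" and takes the fixed release 25.04.2 from the description above.

```shell
#!/bin/sh
# Added defender-side triage check for CVE-2025-49091 (not code from KDE or the advisory).
# A host matches the affected configuration when Konsole is older than the fixed 25.04.2
# and at least one of the ssh, telnet or rlogin binaries is missing, since the /bin/bash
# fallback is only reached for an absent client. Assumes `konsole --version` prints "konsole X.Y.Z".

FIXED_VERSION="25.04.2"

# version_lt A B: exit 0 when dotted version A sorts before B, comparing each numeric
# component in turn (missing components count as 0, so 25.04 < 25.04.2).
version_lt() {
    a="$1" b="$2" i=1
    while :; do
        x=$(printf '%s.' "$a" | cut -d. -f"$i")
        y=$(printf '%s.' "$b" | cut -d. -f"$i")
        [ -z "$x" ] && [ -z "$y" ] && return 1      # ran out of components: equal
        x=${x:-0} y=${y:-0}
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
        i=$((i + 1))
    done
}

# konsole_affected VERSION: exit 0 when VERSION is before the fixed release.
konsole_affected() {
    version_lt "$1" "$FIXED_VERSION"
}

# missing_scheme_clients: print each of ssh/telnet/rlogin that is absent from PATH.
missing_scheme_clients() {
    for bin in ssh telnet rlogin; do
        command -v "$bin" >/dev/null 2>&1 || echo "$bin"
    done
}

# host_affected: exit 0 when the installed Konsole is vulnerable AND a client is missing.
host_affected() {
    ver=$(konsole --version 2>/dev/null | awk '/^konsole/ { print $2; exit }')
    [ -n "$ver" ] || return 1              # Konsole not installed
    konsole_affected "$ver" || return 1    # fixed release or newer
    [ -n "$(missing_scheme_clients)" ]     # fallback reachable only if a client is absent
}

if host_affected; then
    echo "AFFECTED: Konsole $ver, missing clients: $(missing_scheme_clients | tr '\n' ' ')"
else
    echo "not in the affected configuration"
fi
```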

Available Exploits

No exploits available for this CVE.

Related News

CVE-2025-49091: Konsole: Code execution from web browser using URL schemes handled by KDE's KTelnetService and Konsole

Posted by Dennis Dast on Jun 10: Code execution from web browser using URL schemes handled by KDE's KTelnetService and Konsole. Abstract: This issue affects s…

Seclists.org 2025-06-10 18:00

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity
EU Coordination: EU Coordinated
Exploitation Status: No Known Exploitation

Affected Products (ENISA)

kde / konsole

ENISA Scoring

CVSS Score (3.1): 8.2/10
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L
EPSS Score: 0.120 (probability)

Data provided by ENISA EU Vulnerability Database. Last updated: June 11, 2025

GitHub Security Advisories

GHSA-h4f3-5vvh-xjgj (unreviewed, severity HIGH)

CVSS Scoring (GitHub)

CVSS Score: 7.5
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L

Advisory provided by GitHub Security Advisory Database. Published: June 11, 2025, Modified: June 11, 2025

Social Media Intelligence

1 post

Reddit, posted by 11d_space:

Code execution from web browser using URL schemes handled by KDE's KTelnetService and Konsole (CVE-2025-49091) This issue affects systems where KTelnetService and a vulnerable version of Konsole are installed but at least one of the programs telnet, rlogin or ssh is not installed. The vulnerability is in KDE's terminal emulator …

Published: 2025-06-11T00:00:00.000Z
Last Modified: 2025-06-11T13:40:13.765Z