CVE-2026-42095 PUBLISHED

Assigner: mitre
Reserved: 24.04.2026 Published: 24.04.2026 Updated: 24.04.2026

bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL.

Metrics

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS Score: 4

Product Status

Vendor KDE
Product Arianna
Versions Default: unaffected
  • affected from 0 to 26.04.1 (excl.)

References

Problem Types

  • CWE-306 Missing Authentication for Critical Function CWE