CVE-2025-55174
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-55174, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-11-26

Last updated on: 2025-11-26

Assigner: MITRE

Description

In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-11-26
Last Modified
2025-11-26
Generated
2026-07-06
AI Q&A
2025-11-26
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
kde skanpage *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-684 The code does not function according to its published specifications, potentially leading to incorrect usage.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in KDE Skanpage before version 25.08.0 occurs because the software uses QIODevice::ReadWrite mode instead of QIODevice::WriteOnly when overwriting files. This causes the new file to contain the new content at the beginning but also retain partial content from the old file at the end, leading to unintended file content mixing.

Impact Analysis

The vulnerability can cause files to be partially overwritten, resulting in files that contain both new and leftover old data. This can lead to data corruption or leakage of unintended information, potentially affecting data integrity and causing confusion or errors in file usage.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-55174. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart