CVE-2025-55174
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-26

Last updated on: 2025-11-26

Assigner: MITRE

Description
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-26
Last Modified
2025-11-26
Generated
2026-06-16
AI Q&A
2025-11-26
EPSS Evaluated
2026-06-15
NVD
CVE-2025-55174
EUVD
EUVD-2025-199713
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
kde skanpage *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-684 The code does not function according to its published specifications, potentially leading to incorrect usage.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in KDE Skanpage before version 25.08.0 occurs because the software uses QIODevice::ReadWrite mode instead of QIODevice::WriteOnly when overwriting files. This causes the new file to contain the new content at the beginning but also retain partial content from the old file at the end, leading to unintended file content mixing.

Impact Analysis

The vulnerability can cause files to be partially overwritten, resulting in files that contain both new and leftover old data. This can lead to data corruption or leakage of unintended information, potentially affecting data integrity and causing confusion or errors in file usage.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-55174. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart