CVE-2025-54310

medium

Description

qBittorrent before 5.1.2 does not prevent access to a local file that is referenced in a link URL. This affects rsswidget.cpp and searchjobwidget.cpp.

References

https://www.qbittorrent.org/news#wed-jul-02nd-2025---qbittorrent-v5.1.2-release

https://github.com/qbittorrent/qBittorrent/commit/ad68813fe879ba245a4f41f105ed8d2114a92971

https://github.com/qbittorrent/qBittorrent/commit/6ad073e0bc26c1f9d3530490ece611b49f5bfcab

Details

Source: Mitre, NVD

Published: 2025-07-18

Updated: 2025-07-22

Risk Information

CVSS v2

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 4

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00027

Detections

Analytics