CVE-2026-25710

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

The new upstream added a privileged D-Bus helper called plasmaloginauthhelper, which suffers from multiple issues, e.g.aA compromised plasmalogin service account can chown() arbitrary files in the system.

CWE	CWE-250
Vendor	kde
Product	plasma-login-manager
Published	May 13, 2026
Last Updated	May 13, 2026

Stay Ahead of the Next One

Get instant alerts for kde plasma-login-manager

Be the first to know when new unknown vulnerabilities affecting kde plasma-login-manager are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

KDE / plasma-login-manager

0 < ?

References

NVD ↗ CVE.org ↗ EPSS Data ↗

security.opensuse.org: https://security.opensuse.org/2026/04/27/plasma-login-manager.html#6-upstream-bugfix bugzilla.suse.com: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-25710 openwall.com: http://www.openwall.com/lists/oss-security/2026/04/27/1

Credits

Matthias Gerstner of SUSE