What is the CVSS score of CVE-2025-55174?

CVE-2025-55174 has a CVSS 3.1 base score of 3.2 (Low). CVSS vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N. EPSS exploitation probability: 0.0%.

Which versions of In KDE Skanpage are affected by CVE-2025-55174?

CVE-2025-55174 is a low-severity vulnerability in KDE Skanpage (CVSS 3.2). The limited severity suggests constrained impact, typically requiring specific conditions or local access for exploitation.

How to fix or mitigate CVE-2025-55174?

During next maintenance window: Apply vendor patches when convenient. Monitor vendor channels for updates.

In KDE Skanpage CVE-2025-55174

LOW

Incorrect Provision of Specified Functionality (CWE-684)

2025-11-26 cve@mitre.org

Information Disclosure

3.2

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

Attack Vector

Local

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 19:24 vuln.today

CVE Published

Nov 26, 2025 - 06:15 nvd

LOW 3.2

DescriptionNVD

In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly.

AnalysisAI

In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of. Rated low severity (CVSS 3.2), this vulnerability is no authentication required. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-684. In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly. Version information: before 25.08.0.

Affected ProductsAI

See vendor advisory for affected versions.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2025-55174 vulnerability details – vuln.today

Back

In KDE Skanpage CVE-2025-55174

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

Affected ProductsAI

RemediationAI

Share

External POC / Exploit Code