Kitty
1 CVEs
product
Monthly
open_actions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document (e.g., a document opened in KDE. Rated medium severity (CVSS 4.1), this vulnerability is no authentication required. Public exploit code available.
Information Disclosure
Kitty
Suse
NVD
GitHub
CVSS 3.1
4.1
EPSS
0.1%
EPSS 0%
CVSS 4.1
MEDIUM
POC
PATCH
This Month
open_actions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document (e.g., a document opened in KDE. Rated medium severity (CVSS 4.1), this vulnerability is no authentication required. Public exploit code available.
Information Disclosure
Kitty
Suse
NVD
GitHub