VYPR
Low severityNVD Advisory· Published May 19, 2026· Updated May 19, 2026

CVE-2025-14575

CVE-2025-14575

Description

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network (qtbase) in Qt Qt Framework (Unix) allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory.

Affected products

2
  • Qt/Qtbaseinferred2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.