VYPR
Medium severity4.1NVD Advisory· Published Apr 20, 2025· Updated Jun 17, 2026

CVE-2025-43929

CVE-2025-43929

Description

open_actions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document (e.g., a document opened in KDE ghostwriter).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.