It was discovered that in pidgin before 2.14.9 if not using DNSSEC it is trivial to perform a man in the middle attack a client via DNS spoofing. Reference: https://pidgin.im/about/security/advisories/cve-2022-26491/
Created pidgin tracking bugs for this issue: Affects: fedora-all [bug 2081228]