2463375 – (CVE-2026-41525) CVE-2026-41525 dolphin: KDE Dolphin: Sandbox bypass allows potential arbitrary code execution via FileManager1 protocol

Bug 2463375 (CVE-2026-41525) - CVE-2026-41525 dolphin: KDE Dolphin: Sandbox bypass allows potential arbitrary code execution via FileManager1 protocol

Summary: CVE-2026-41525 dolphin: KDE Dolphin: Sandbox bypass allows potential arbitrar...

Keywords:
Status:	NEW
Alias:	CVE-2026-41525
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2463382 2463383
Blocks:
TreeView+	depends on / blocked

Reported:	2026-04-28 08:01 UTC by OSIDB Bzimport
Modified:	2026-04-28 08:19 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-04-28 08:01:30 UTC

KDE Dolphin before 25.12.3 allows applications in a Flatpak (or with AppArmor confinement) to open folders outside of the application sandbox without additional scrutiny. Dolphin's implementation of the FileManager1 protocol allows the path given to be any type of file, including scripts or executables. (By default, Dolphin will then prompt the user to determine if they want to launch a script or executable; however, the intended behavior is to block the attempted action, not present a consent prompt.)

Note You need to log in before you can comment on or make changes to this bug.