Local File Access Vulnerability in qBittorrent by QtBitTorrent
CVE-2025-54310

4MEDIUM

Key Information:

Vendor: Qbittorrent
Status: Qbittorrent
Vendor: CVE Published:; 18 July 2025

🔔 Create Qbittorrent Vulnerability Alert

What is CVE-2025-54310?

The qBittorrent application, prior to version 5.1.2, contains a vulnerability that allows unauthorized access to local files via links in RSS feeds and search results. This flaw, present in the rsswidget.cpp and searchjobwidget.cpp components, can potentially expose sensitive information to unauthorized users, making it crucial for users to upgrade to the latest version to mitigate the risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

qBittorrent 0 < 5.1.2

References

https://www.qbittorrent.org/news#wed-jul-02nd-2025---qbit...

https://github.com/qbittorrent/qBittorrent/commit/6ad073e...

https://github.com/qbittorrent/qBittorrent/commit/ad68813...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jul 18, 2025
Vulnerability Reserved
Jul 18, 2025

JSON

Qbittorrent

What is CVE-2025-54310?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.