KDE messagelib Vulnerability in Google Safe Browsing API Implementation
CVE-2025-69412

3.4LOW

Key Information:

Vendor: Kde
Status: Messagelib
Vendor: CVE Published:; 31 December 2025

What is CVE-2025-69412?

KDE messagelib versions prior to 25.11.90 contain a vulnerability in their implementation of the Google Safe Browsing Lookup API. This security flaw allows the software to ignore SSL errors during calls to the API, which can be exploited to spoof threat data. Although the Lookup API is not utilized by default in messagelib's configuration, the oversight presents potential risks if the API is enabled. Users and administrators should be aware of this vulnerability and consider updating to the latest version to mitigate potential threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

messagelib 0 < 25.11.90

References

https://github.com/KDE/messagelib/compare/v25.11.80...v25...

https://github.com/KDE/messagelib/commit/01adef0482bb3d5c...

https://developers.google.com/safe-browsing/v4

CVSS V3.1

Score:

3.4

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 31, 2025
Vulnerability Reserved
Dec 31, 2025

JSON

Kde

What is CVE-2025-69412?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.