CVE-2025-54310 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
mitre	CNA	4 MEDIUM				CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

qbittorrent

bullseye	postponed
bookworm	no-dsa
sid	5.1.0-2 fixed
trixie	5.1.0-2 fixed

Common Weakness Enumeration

CWE-669 - Incorrect Resource Transfer Between Spheres
The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource.

References

https://github.com/qbittorrent/qBittorrent/commit/6ad073e0bc26c1f9d3530490ece611b49f5bfcab

https://github.com/qbittorrent/qBittorrent/commit/ad68813fe879ba245a4f41f105ed8d2114a92971

https://www.qbittorrent.org/news#wed-jul-02nd-2025---qbittorrent-v5.1.2-release