CVE-2025-66270 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-66270 Interim 1 1 2025-12-23T00:15:22Z current 2025-12-23T00:15:22Z 2025-12-23T00:15:22Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-66270 The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This affects KDE Connect before 25.12 on desktop, KDE Connect before 0.5.4 on iOS, KDE Connect before 1.34.4 on Android, GSConnect before 68, and Valent before 1.0.0.alpha.49. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed kdeconnect-kde-25.11.90-1.1 kdeconnect-kde-lang-25.11.90-1.1 kdeconnect-kde-25.11.90-1.1 as a component of openSUSE Tumbleweed kdeconnect-kde-lang-25.11.90-1.1 as a component of openSUSE Tumbleweed The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This affects KDE Connect before 25.12 on desktop, KDE Connect before 0.5.4 on iOS, KDE Connect before 1.34.4 on Android, GSConnect before 68, and Valent before 1.0.0.alpha.49. CVE-2025-66270 openSUSE Tumbleweed:kdeconnect-kde-25.11.90-1.1 openSUSE Tumbleweed:kdeconnect-kde-lang-25.11.90-1.1 moderate