CVE-2026-41527: CWE-670 Always-Incorrect Control Flow Implementation in KDE Kleopatra
A vulnerability in KDE Kleopatra before version 26. 08. 0 on Windows allows local users to escalate privileges due to a flaw in the KUniqueService mechanism that is intended to ensure only one instance of the application runs. This flaw can lead to incorrect control flow, enabling privilege escalation to that of a Kleopatra user. The vulnerability is tracked as CVE-2026-41527 and has a CVSS 3. 1 base score of 6. 9, indicating medium severity.
AI Analysis
Technical Summary
CVE-2026-41527 is a vulnerability in KDE Kleopatra on Windows platforms prior to version 26.08.0. It arises from an error in the KUniqueService component responsible for enforcing single-instance execution of the application. This error allows local users to bypass intended controls and obtain the privileges of a Kleopatra user, representing an incorrect control flow implementation categorized under CWE-670. The vulnerability has a medium severity rating with a CVSS 3.1 score of 6.9 (AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L). No official patch or remediation level has been published as of the data provided.
Potential Impact
Local users can exploit this vulnerability to escalate their privileges to those of a Kleopatra user on affected Windows systems. This could lead to unauthorized access to sensitive cryptographic functions or data managed by Kleopatra. The impact includes high confidentiality and integrity loss, and low availability impact. There are no known exploits in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the KDE vendor advisory for current remediation guidance. Since no official fix or remediation level is provided, users should monitor KDE's official channels for updates. Until a patch is available, restricting local user access and applying the principle of least privilege may reduce risk.
CVE-2026-41527: CWE-670 Always-Incorrect Control Flow Implementation in KDE Kleopatra
Description
A vulnerability in KDE Kleopatra before version 26. 08. 0 on Windows allows local users to escalate privileges due to a flaw in the KUniqueService mechanism that is intended to ensure only one instance of the application runs. This flaw can lead to incorrect control flow, enabling privilege escalation to that of a Kleopatra user. The vulnerability is tracked as CVE-2026-41527 and has a CVSS 3. 1 base score of 6. 9, indicating medium severity.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-41527 is a vulnerability in KDE Kleopatra on Windows platforms prior to version 26.08.0. It arises from an error in the KUniqueService component responsible for enforcing single-instance execution of the application. This error allows local users to bypass intended controls and obtain the privileges of a Kleopatra user, representing an incorrect control flow implementation categorized under CWE-670. The vulnerability has a medium severity rating with a CVSS 3.1 score of 6.9 (AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L). No official patch or remediation level has been published as of the data provided.
Potential Impact
Local users can exploit this vulnerability to escalate their privileges to those of a Kleopatra user on affected Windows systems. This could lead to unauthorized access to sensitive cryptographic functions or data managed by Kleopatra. The impact includes high confidentiality and integrity loss, and low availability impact. There are no known exploits in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the KDE vendor advisory for current remediation guidance. Since no official fix or remediation level is provided, users should monitor KDE's official channels for updates. Until a patch is available, restricting local user access and applying the principle of least privilege may reduce risk.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-04-20T00:00:00.000Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69e7f01d19fe3cd2cdfcab50
Added to database: 4/21/2026, 9:46:05 PM
Last enriched: 4/21/2026, 10:02:13 PM
Last updated: 4/21/2026, 11:52:11 PM
Views: 8
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.