CVE-2025-6338

Summary

There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which can lead to a Denial of Service over a long period.This issue affects Qt from 5.15.0 through 6.8.3, from 6.9.0 before 6.9.2.

Affected Software

VendorProductVersion RangeStatus
The Qt CompanyQt0 < 5.15.0unaffected
The Qt CompanyQt5.15.0 <= 6.8.3affected
The Qt CompanyQt6.8.4 < 6.9.0unaffected
The Qt CompanyQt6.9.0 < 6.9.2affected

Weaknesses

  • CWE-459: CWE-459 Incomplete Cleanup

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References