CVE-2025-6338

CRITICAL

Qt <6.9.2 - DoS

Title source: llm

Description

There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which can lead to a Denial of Service over a long period.This issue affects Qt from 5.15.0 through 6.8.3, from 6.9.0 before 6.9.2.

References (1)

[Various Sources] https://codereview.qt-project.org/c/qt/qtbase/+/651495

Scores

CVSS v4 9.2

EPSS 0.0011

EPSS Percentile 28.2%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-459

Status published

Products (4)

The Qt Company/Qt < 5.15.0

The Qt Company/Qt 5.15.0 - 6.8.3

The Qt Company/Qt 6.8.4 - 6.9.0

The Qt Company/Qt 6.9.0 - 6.9.2

Published Oct 16, 2025

Tracked Since Feb 18, 2026