EIP-2026-102626

PRE-CVE

KDE Konqueror 4.1 - Multiple Cross-Site Scripting / Denial of Service Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102626. PoCs published by athos.

AI-analyzed exploit summary This exploit demonstrates multiple XSS and DoS vulnerabilities in KDE Konqueror by leveraging unsanitized input in various URI schemes. The PoC includes JavaScript injection and crash triggers via malformed URIs.

Description

KDE Konqueror 4.1 - Multiple Cross-Site Scripting / Denial of Service Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by athos · textdoslinux

https://www.exploit-db.com/exploits/32696

View Code ZIP pw:eip

This exploit demonstrates multiple XSS and DoS vulnerabilities in KDE Konqueror by leveraging unsanitized input in various URI schemes. The PoC includes JavaScript injection and crash triggers via malformed URIs.

Classification

Working Poc 90%

Attack Type

Xss | Dos

Complexity

Trivial

Reliability

Reliable

Target: KDE Konqueror 4.1

No auth needed

Prerequisites: User interaction (clicking a link or visiting a crafted URI)

MITRE ATT&CK

T1059.007 - JavaScript T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026