Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-1tnr-ffmx-5kej
Vulnerability ID VCID-1tnr-ffmx-5kej
Aliases CVE-2014-2527
Summary kcleanup.cpp in KDirStat 2.7.0 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a " (double quote) character in the directory name, a different vulnerability than CVE-2014-2528.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00953 https://api.first.org/data/v1/epss?cve=CVE-2014-2527
epss 0.00953 https://api.first.org/data/v1/epss?cve=CVE-2014-2527
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2014-2527
GLSA-201406-15 https://security.gentoo.org/glsa/201406-15
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.7675
EPSS Score 0.00953
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:39:42.662836+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0