It was discovered that missing validation of the device ID during handshakes in KDE Connect, a tool to integrate smart phones to a desktop, could allow an attacker to impersonate another device. The oldstable distribution (bookworm) is not affected. For the stable distribution (trixie), this problem has been fixed in
Comment