Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used.Referenceshttps://commits.kde.org/kdenlive/94042ddd259551e4a7a5f6672329752972c84685https://commits.kde.org/kdenlive/c3999aacc6da54756f3df8aab03b900459562ecdhttps://kde.org/info/security/advisory-20260508-1.txt
