CVE-2009-2260

stardict 3.0.1, when Enable Net Dict is configured, sends the contents of the clipboard to a dictionary server, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2025-55014

The YouDao plugin for StarDict, as used in stardict 3.0.7+git20220909+dfsg-6 in Debian trixie and elsewhere, sends an X11 selection to the dict.youdao.com and dict.cn servers via cleartext HTTP.