One problem, multiple risks
https://www.bleepingcomputer.com/news/security/qbittorrent-fixes-flaw-exposing-users-to-mitm-attacks-for-14-years/
qBittorrent has addressed a remote code execution flaw caused by the failure to validate SSL/TLS certificates in the application's DownloadManager, a component that manages downloads throughout the app.
The flaw, introduced in a commit on April 6, 2010, was eventually fixed in the latest release, version 5.0.1, on October 28, 2024, more than 14 years later.