exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2026-40354

2 дня назад

Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash.

CVSS3: 2.9

EPSS: Низкий

CVE-2026-40354

4 дня назад

A flaw was found in Flatpak xdg-desktop-portal. A malicious Flatpak application can exploit this vulnerability by performing a symbolic link (symlink) attack on the `g_file_trash` function. This allows the Flatpak application to delete any file on the host system, leading to a denial of service.

CVSS3: 6.1

EPSS: Низкий

CVE-2026-40354

4 дня назад

Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash.

CVSS3: 2.9

EPSS: Низкий

CVE-2026-40354

4 дня назад

Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allo ...

CVSS3: 2.9

EPSS: Низкий

GHSA-v5fw-rcv7-v6f3

4 дня назад

Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash.

CVSS3: 2.9

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2026-40354 Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash.	CVSS3: 2.9	0% Низкий	2 дня назад
CVE-2026-40354 A flaw was found in Flatpak xdg-desktop-portal. A malicious Flatpak application can exploit this vulnerability by performing a symbolic link (symlink) attack on the `g_file_trash` function. This allows the Flatpak application to delete any file on the host system, leading to a denial of service.	CVSS3: 6.1	0% Низкий	4 дня назад
CVE-2026-40354 Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash.	CVSS3: 2.9	0% Низкий	4 дня назад
CVE-2026-40354 Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allo ...	CVSS3: 2.9	0% Низкий	4 дня назад
GHSA-v5fw-rcv7-v6f3 Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash.	CVSS3: 2.9	0% Низкий	4 дня назад

Уязвимостей на страницу