CVE-2026-41651 | PackageKit up to 1.3.4 src/pk-transaction.c InstallFiles toctou

Inserito da Angelo Barbosa | Apr 22, 2026 | CVE

A vulnerability has been found in PackageKit up to 1.3.4 and classified as problematic. This impacts the function InstallFiles of the file src/pk-transaction.c. Performing a manipulation results in time-of-check time-of-use.

This vulnerability is identified as CVE-2026-41651. The attack is only possible with local access. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-41651 | PackageKit up to 1.3.4 src/pk-transaction.c InstallFiles toctou

Post correlati

CVE-2025-11123 | Tenda AC18 15.03.05.19 /goform/saveAutoQos enable stack-based overflow

CVE-2024-47156 | Honor MagicOS prior 8.0.0.135 information disclosure

CVE-2026-22011 | Oracle Applications DBA up to 12.2.15 ADPatch access control

CVE-2024-32487 | less up to 653 File Name filename.c LESSOPEN os command injection