CVE-2026-10294 | PackageKit up to 1.3.5 API src/pk-transaction.c g_file_test frontend-socket improper authorization (Issue 969)

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability, which was classified as problematic, was found in PackageKit up to 1.3.5. Affected is the function g_file_test of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization.

This vulnerability is documented as CVE-2026-10294. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2026-10294 | PackageKit up to 1.3.5 API src/pk-transaction.c g_file_test frontend-socket improper authorization (Issue 969)

Post correlati

CVE-2025-44887 | Planet Technology FW-WGS-804HPT 1.305b241111 web_radiusSrv_post radIpkey stack-based overflow

CVE-2023-3352 | Smush Plugin up to 3.16.4 on WordPress Resmush List authorization

CVE-2025-41702 | Welotec EG400Mk2-D11001-000101 up to 1.7.6/1.8.1 hard-coded key (VDE-2025-076)

CVE-2025-25352 | PHPGurukul Land Record System 1.0 POST Request Parameter sql injection