Lucene search
K

133 matches found

RedHat Linux
RedHat Linux
added 2026/06/30 6:58 a.m.6 views

atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen

A flaw was found in Atril, Evince and Xreader. A malicious link inside a specially crafted PDF document can cause arbitrary code execution when clicked due to improper quoting of attacker-controlled PDF link-destination fields during remote go-to /GoToR actions. This issue allows an attacker to...

8.4CVSS6.6AI score0.00529EPSS
Exploits1References12
RedHat Linux
RedHat Linux
added 2026/06/29 5:50 p.m.7 views

atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen

A flaw was found in Atril, Evince and Xreader. A malicious link inside a specially crafted PDF document can cause arbitrary code execution when clicked due to improper quoting of attacker-controlled PDF link-destination fields during remote go-to /GoToR actions. This issue allows an attacker to...

8.4CVSS6.6AI score0.00529EPSS
Exploits1References12
RedHat Linux
RedHat Linux
added 2026/06/24 1:9 p.m.5 views

atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen

A flaw was found in Atril, Evince and Xreader. A malicious link inside a specially crafted PDF document can cause arbitrary code execution when clicked due to improper quoting of attacker-controlled PDF link-destination fields during remote go-to /GoToR actions. This issue allows an attacker to...

8.4CVSS6.6AI score0.00529EPSS
Exploits1References12
OSV
OSV
added 2026/06/24 12:0 a.m.6 views

ALSA-2026:28998 Important: evince security update

The evince packages provide a simple multi-page document viewer for Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS files, and, with additional back-ends, also the Device Independent File format DVI files. Security Fixes: atril: evince: xreader: PDF /GoToR action argv...

8.4CVSS5.9AI score0.00529EPSS
Exploits1References4
OSV
OSV
added 2026/06/23 1:25 p.m.3 views

OPENSUSE-SU-2026:21152-1 Security update for atril

This update for atril fixes the following issues: Changes in atril: - Update to version 1.28.4 bsc1265880 CVE-2026-46519: Build fixes Fix tests imported from XReader Fix tests with AT-SPI2 = 2.53 Improve search system pdf: Always use popplerdocumentsave to avoid data loss Use properties for...

8.8CVSS5.8AI score0.00376EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/22 11:15 a.m.5 views

atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen

A flaw was found in Atril, Evince and Xreader. A malicious link inside a specially crafted PDF document can cause arbitrary code execution when clicked due to improper quoting of attacker-controlled PDF link-destination fields during remote go-to /GoToR actions. This issue allows an attacker to...

8.4CVSS6.6AI score0.00529EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.8 views

Debian dsa-6349 : atril - security update

The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6349 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6349-1 [email protected] https://www.debian.org/security/...

8.4CVSS5.8AI score0.00529EPSS
Exploits1References4
Debian
Debian
added 2026/06/17 5:35 p.m.4 views

[SECURITY] [DSA 6349-1] atril security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6349-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 17, 2026 https://www.debian.org/security/faq -...

8.4CVSS5.2AI score0.00529EPSS
Exploits1
Debian
Debian
added 2026/06/16 7:50 p.m.7 views

[SECURITY] [DLA 4632-1] atril security update

Debian LTS Advisory DLA-4632-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson June 16, 2026 https://wiki.debian.org/LTS Package : atril Version : 1.26.0-2+deb12u4 CVE ID : CVE-2026-46529 Debian Bug : 1139874 It was discovered that atril, a simple multi-page...

8.4CVSS5.3AI score0.00529EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.9 views

Debian dla-4632 : atril - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dla-4632 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4632-1 [email protected] https://www.debian.org/lts/security/...

8.4CVSS5.3AI score0.00529EPSS
Exploits1References5
Mageia
Mageia
added 2026/06/15 3:56 p.m.14 views

Updated evince, atril & xreader packages fix security vulnerability

Evince/Atril/Xreader command injection. CVE-2026-46529...

8.4CVSS5.2AI score0.00529EPSS
Exploits1References2
OSV
OSV
added 2026/06/15 3:56 p.m.10 views

MGASA-2026-0209 Updated evince, atril & xreader packages fix security vulnerability

Evince/Atril/Xreader command injection. CVE-2026-46529...

8.4CVSS5.3AI score0.00529EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/06/11 4:27 p.m.10 views

CVE-2026-46529

A flaw was found in Atril, Evince and Xreader. A malicious link inside a specially crafted PDF document can cause arbitrary code execution when clicked due to improper quoting of attacker-controlled PDF link-destination fields during remote go-to /GoToR actions. This issue allows an attacker to...

8.4CVSS6.4AI score0.00529EPSS
Exploits1References11
NVD
NVD
added 2026/06/10 8:17 p.m.9 views

CVE-2026-46529

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

8.4CVSS0.00529EPSS
Exploits1References17
Cvelist
Cvelist
added 2026/06/10 7:46 p.m.41 views

CVE-2026-46529 PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

8.4CVSS0.00529EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/06/10 7:46 p.m.8 views

CVE-2026-46529

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

8.4CVSS6.5AI score0.00529EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/06/10 7:46 p.m.10 views

CVE-2026-46529 PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

8.4CVSS6.4AI score0.00529EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2026/06/10 7:46 p.m.13 views

CVE-2026-46529

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

8.4CVSS6.5AI score0.00529EPSS
Exploits1
CVE
CVE
added 2026/06/10 7:46 p.m.136 views

CVE-2026-46529

Technical details such as affected versions, impact, and remediation are not provided in the supplied documents; monitor for updates from official advisories.

8.4CVSS6.5AI score0.00529EPSS
Exploits1References17
EUVD
EUVD
added 2026/06/10 7:46 p.m.10 views

EUVD-2026-36109

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

9.6CVSS8.2AI score0.02359EPSS
Exploits3References3
Rows per page
Query Builder