CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/06/14 12:0 a.m.•5 views

openSUSE 16 Security Update : xdg-dbus-proxy (openSUSE-SU-2026:20934-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20934-1 advisory. This update for xdg-dbus-proxy fixes the following issue: - CVE-2026-34080: failure in the policy parser can lead to information disclosure bsc1261737...

6.8CVSS5.4AI score0.00175EPSS

Exploits0References3

OSV•added 2026/06/10 2:52 p.m.•5 views

OPENSUSE-SU-2026:20934-1 Security update for xdg-dbus-proxy

This update for xdg-dbus-proxy fixes the following issue: - CVE-2026-34080: failure in the policy parser can lead to information disclosure bsc1261737...

6.8CVSS5.4AI score0.00175EPSS

Mageia•added 2026/06/07 5:10 a.m.•12 views

Updated xdg-dbus-proxy packages fix security vulnerability

A policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases...

6.8CVSS5.5AI score0.00175EPSS

Exploits0References3

OSV•added 2026/06/07 5:10 a.m.•10 views

MGASA-2026-0178 Updated xdg-dbus-proxy packages fix security vulnerability

6.8CVSS5.4AI score0.00175EPSS

SUSE Linux•added 2026/05/28 4:4 p.m.•12 views

Security update for xdg-desktop-portal

This update for xdg-desktop-portal fixes the following issue: CVE-2026-40354: File deletion via symlink attack bsc1262045. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

5.5CVSS5.8AI score0.00128EPSS

OSV•added 2026/05/28 4:3 p.m.•2 views

SUSE-SU-2026:2105-1 Security update for xdg-desktop-portal

This update for xdg-desktop-portal fixes the following issue: - CVE-2026-40354: File deletion via symlink attack bsc1262045...

Ubuntu•added 2026/05/26 6:25 p.m.•16 views

Exploits0References3

USN-8167-2: xdg-dbus-proxy vulnerability

USN-8167-1 fixed a vulnerability in xdg-dbus-proxy. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that xdg-dbus-proxy incorrectly handled eavesdropping in policy rules. A local attacker could possibly use this issue to intercept...

OSV•added 2026/05/26 6:25 p.m.•8 views

Exploits0

USN-8167-2 xdg-dbus-proxy vulnerability

Tenable Nessus•added 2026/05/22 12:0 a.m.•10 views

Ubuntu 24.04 LTS / 25.10 : XDG Desktop Portal vulnerability (USN-8287-1)

The remote Ubuntu 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8287-1 advisory. It was discovered that XDG Desktop Portal incorrectly handled trashing files. A local attacker could possibly use this issue to delete arbitrary files on...

6.3CVSS6AI score0.00128EPSS

Ubuntu•added 2026/05/20 6:2 p.m.•9 views

USN-8287-1: XDG Desktop Portal vulnerability

It was discovered that XDG Desktop Portal incorrectly handled trashing files. A local attacker could possibly use this issue to delete arbitrary files on the host file system via a symlink attack...

6.3CVSS5.9AI score0.00128EPSS

Exploits0

OSV•added 2026/05/20 6:2 p.m.•7 views

USN-8287-1 xdg-desktop-portal vulnerability

It was discovered that XDG Desktop Portal incorrectly handled trashing files. A local attacker could possibly use this issue to delete arbitrary files on the host file system via a symlink attack...

6.3CVSS5.9AI score0.00128EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•8 views

Amazon Linux 2023 : xdg-desktop-portal, xdg-desktop-portal-devel (ALAS2023-2026-1669)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1669 advisory. Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on gfiletrash. CVE-2026-40354 Tenable has extracted t...

OSV•added 2026/05/15 1:59 p.m.•5 views

OESA-2026-2287 xdg-dbus-proxy security update

xdg-dbus-proxy is a filtering proxy for D-Bus connections. It was originally part of the flatpak project, but it has been broken out as a standalone module to facilitate using it in other contexts. Security Fixes: xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy...

OSV•added 2026/05/15 1:59 p.m.•4 views

OESA-2026-2286 xdg-dbus-proxy security update

Amazon•added 2026/05/14 12:0 a.m.•14 views

Medium: xdg-desktop-portal

Issue Overview: Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on gfiletrash. CVE-2026-40354 Affected Packages: xdg-desktop-portal Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Tenable Nessus•added 2026/05/14 12:0 a.m.•5 views

Exploits0

Amazon Linux 2 : xdg-desktop-portal, --advisory ALAS2-2026-3298 (ALAS-2026-3298)

The version of xdg-desktop-portal installed on the remote host is prior to 1.0.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3298 advisory. Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host...

OSV•added 2026/05/09 12:30 p.m.•5 views

OESA-2026-2213 xdg-dbus-proxy security update

OSV•added 2026/05/09 12:30 p.m.•9 views

OESA-2026-2212 xdg-dbus-proxy security update