High severity7.0NVD Advisory· Published Apr 29, 2024· Updated Apr 15, 2026

CVE-2024-33904

Description

In plugins/HookSystem.cpp in Hyprland through 0.39.1 (before 28c8561), through a race condition, a local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary file.

Patches

28c85619243e

https://github.com/hyprwm/hyprlandvia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/hyprwm/Hyprland/commit/28c85619243e6320e75d7abcfe8244fa99d054ddnvd
github.com/hyprwm/Hyprland/issues/5787nvd
www.openwall.com/lists/oss-security/2024/04/28/3nvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000