Critical severity (10.0) · NVD Advisory · Published Apr 7, 2026 · Updated Apr 24, 2026
CVE-2026-34078
Description
Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options that can be app-controlled symlinks pointing at arbitrary paths, and `flatpak run` then mounts the resolved host path into the sandbox. This gives apps access to all host files and can be used as a primitive to gain code execution in the host context. This vulnerability is fixed in 1.16.4.
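One defensive check that closes the class of issue described above, added here as an illustration and not Flatpak's own code: resolve a requested expose path and accept it only if the resolved target still lies inside the directory the app is permitted to expose. The `resolve_within_root` helper, the `demo` layout and all directory names are constructed for this example.

```python
import os
import tempfile
from typing import Optional


def resolve_within_root(requested: str, allowed_root: str) -> Optional[str]:
    """Resolve every symlink in `requested` and return the real path only if
    it still lies inside `allowed_root`; return None otherwise.

    Illustrative helper (not Flatpak's code): it models the missing check
    behind CVE-2026-34078, where a sandbox-expose path under app control
    was resolved and the *resolved* host path was mounted into the sandbox,
    so an app-placed symlink could redirect the mount at any host path.
    """
    root_real = os.path.realpath(allowed_root)
    target_real = os.path.realpath(requested)
    # commonpath avoids the prefix trap where "/app-evil" startswith "/app".
    if os.path.commonpath([root_real, target_real]) != root_real:
        return None
    return target_real


def demo() -> dict:
    """Constructed layout: an app-controlled directory holding one honest
    subdirectory and one symlink that points outside it, plus a ".."
    traversal attempt. Returns which requests the check lets through."""
    with tempfile.TemporaryDirectory() as host:
        app_dir = os.path.join(host, "app-controlled")   # what the app may expose
        outside = os.path.join(host, "host-private")     # must stay unreachable
        os.makedirs(os.path.join(app_dir, "honest"))
        os.makedirs(outside)
        os.symlink(outside, os.path.join(app_dir, "escape"))
        requests = {
            "honest": os.path.join(app_dir, "honest"),
            "escape": os.path.join(app_dir, "escape"),
            "traversal": os.path.join(app_dir, "..", "host-private"),
        }
        return {name: resolve_within_root(p, app_dir) is not None
                for name, p in requests.items()}


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:10s} -> {'exposed' if allowed else 'rejected'}")
```

Checking a path string and mounting it in a later step still leaves a window in which the app can swap the symlink, so a mounting component should walk the path component by component with O_NOFOLLOW and act on the resulting file descriptor rather than on a string that passed an earlier check.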
Affected products
17 affected package coordinates (source: OSV; no CPE entries are recorded), each with its affected version range:
- pkg:rpm/almalinux/flatpak: < 1.12.9-4.el9_8.1
- pkg:rpm/almalinux/flatpak-devel: < 1.12.9-4.el9_8.1
- pkg:rpm/almalinux/flatpak-libs: < 1.12.9-4.el9_8.1
- pkg:rpm/almalinux/flatpak-selinux: < 1.12.9-4.el9_8.1
- pkg:rpm/almalinux/flatpak-session-helper: < 1.12.9-4.el9_8.1
- pkg:rpm/opensuse/flatpak (distro: openSUSE Tumbleweed): < 1.16.6-1.1
- pkg:rpm/suse/flatpak (distro: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS): < 1.12.8-150400.3.12.1
- pkg:rpm/suse/flatpak (distro: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS): < 1.12.8-150400.3.12.1
- pkg:rpm/suse/flatpak (distro: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS): < 1.16.0-150500.3.18.1
- pkg:rpm/suse/flatpak (distro: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS): < 1.16.0-150500.3.18.1
- pkg:rpm/suse/flatpak (distro: SUSE Linux Enterprise Module for Desktop Applications 15 SP7): < 1.16.0-150600.3.9.1
- pkg:rpm/suse/flatpak (distro: SUSE Linux Enterprise Server 15 SP4-LTSS): < 1.12.8-150400.3.12.1
- pkg:rpm/suse/flatpak (distro: SUSE Linux Enterprise Server 15 SP5-LTSS): < 1.16.0-150500.3.18.1
- pkg:rpm/suse/flatpak (distro: SUSE Linux Enterprise Server 15 SP6-LTSS): < 1.16.0-150600.3.9.1
- pkg:rpm/suse/flatpak (distro: SUSE Linux Enterprise Server for SAP Applications 15 SP4): < 1.12.8-150400.3.12.1
- pkg:rpm/suse/flatpak (distro: SUSE Linux Enterprise Server for SAP Applications 15 SP5): < 1.16.0-150500.3.18.1
- pkg:rpm/suse/flatpak (distro: SUSE Linux Enterprise Server for SAP Applications 15 SP6): < 1.16.0-150600.3.9.1
References
- www.openwall.com/lists/oss-security/2026/04/09/8 (NVD: Third Party Advisory, Mailing List)
- www.openwall.com/lists/oss-security/2026/04/10/14 (NVD: Mailing List, Third Party Advisory)
- github.com/flatpak/flatpak/security/advisories/GHSA-cc2q-qc34-jprg (NVD: Vendor Advisory)