VYPR
Vendor

Hyprwm

Products
2
CVEs
2
Across products
2
Status
Private

Products

2

Recent CVEs

2
  • CVE-2024-33904HigApr 29, 2024
    risk 0.39cvss 7.0epss 0.00

    In plugins/HookSystem.cpp in Hyprland through 0.39.1 (before 28c8561), through a race condition, a local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary file.

  • CVE-2024-42029MedJul 27, 2024
    risk 0.34cvss 6.3epss 0.01

    xdg-desktop-portal-hyprland (aka an XDG Desktop Portal backend for Hyprland) before 1.3.3 allows OS command execution, e.g., because single quotes are not used when sending a list of app IDs and titles via the environment.