UBUNTU-CVE-2026-34078

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2026-34078

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-34078.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2026-34078

Upstream

CVE-2026-34078

Published

2026-04-07T22:16:00Z

Modified

2026-05-20T16:12:55.086434902Z

Severity

9.3 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
10.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitrary paths. Flatpak run mounts the resolved host path in the sandbox. This gives apps access to all host files and can be used as a primitive to gain code execution in the host context. This vulnerability is fixed in 1.16.4.

References

Affected packages

Ubuntu:18.04:LTS

flatpak

Package

Name: flatpak
Purl: pkg:deb/ubuntu/flatpak?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.8.7-5

0.10.0-1

0.10.0-2

0.10.1-1

0.10.2-1

0.10.2.1-1

0.10.2.1-2

0.10.3-1

0.11.1-0ubuntu1

0.11.3-2

0.11.3-3

0.11.7-0ubuntu0.1

1.*

1.0.1-0ubuntu0.1

1.0.6-0ubuntu0.1

1.0.7-0ubuntu0.18.04.1

1.0.8-0ubuntu0.18.04.1

1.0.9-0ubuntu0.1

1.0.9-0ubuntu0.2

1.0.9-0ubuntu0.3

1.0.9-0ubuntu0.4

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "flatpak",
            "binary_version": "1.0.9-0ubuntu0.4"
        },
        {
            "binary_name": "flatpak-tests",
            "binary_version": "1.0.9-0ubuntu0.4"
        },
        {
            "binary_name": "gir1.2-flatpak-1.0",
            "binary_version": "1.0.9-0ubuntu0.4"
        },
        {
            "binary_name": "libflatpak0",
            "binary_version": "1.0.9-0ubuntu0.4"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-34078.json"

Ubuntu:20.04:LTS

flatpak

Package

Name: flatpak
Purl: pkg:deb/ubuntu/flatpak?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.4.3-1

1.6.0-1

1.6.1-1

1.6.2-1

1.6.3-1

1.6.5-0ubuntu0.1

1.6.5-0ubuntu0.2

1.6.5-0ubuntu0.3

1.6.5-0ubuntu0.4

1.6.5-0ubuntu0.5

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "flatpak",
            "binary_version": "1.6.5-0ubuntu0.5"
        },
        {
            "binary_name": "flatpak-tests",
            "binary_version": "1.6.5-0ubuntu0.5"
        },
        {
            "binary_name": "gir1.2-flatpak-1.0",
            "binary_version": "1.6.5-0ubuntu0.5"
        },
        {
            "binary_name": "libflatpak0",
            "binary_version": "1.6.5-0ubuntu0.5"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-34078.json"

Ubuntu:22.04:LTS

flatpak

Package

Name: flatpak
Purl: pkg:deb/ubuntu/flatpak?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.10.2-3

1.12.2-1

1.12.2-2

1.12.3-1

1.12.4-1

1.12.5-1

1.12.6-1

1.12.7-1

1.12.7-1ubuntu0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "flatpak",
            "binary_version": "1.12.7-1ubuntu0.1"
        },
        {
            "binary_name": "flatpak-tests",
            "binary_version": "1.12.7-1ubuntu0.1"
        },
        {
            "binary_name": "gir1.2-flatpak-1.0",
            "binary_version": "1.12.7-1ubuntu0.1"
        },
        {
            "binary_name": "libflatpak0",
            "binary_version": "1.12.7-1ubuntu0.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-34078.json"

Ubuntu:24.04:LTS

flatpak

Package

Name: flatpak
Purl: pkg:deb/ubuntu/flatpak?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.14.4-2

1.14.5-1

1.14.5-1build1

1.14.5-1build4

1.14.5-1build5

1.14.5-1build6

1.14.6-1

1.14.6-1ubuntu0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "flatpak",
            "binary_version": "1.14.6-1ubuntu0.1"
        },
        {
            "binary_name": "flatpak-tests",
            "binary_version": "1.14.6-1ubuntu0.1"
        },
        {
            "binary_name": "gir1.2-flatpak-1.0",
            "binary_version": "1.14.6-1ubuntu0.1"
        },
        {
            "binary_name": "libflatpak0",
            "binary_version": "1.14.6-1ubuntu0.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-34078.json"

Ubuntu:25.10

flatpak

Package

Name: flatpak
Purl: pkg:deb/ubuntu/flatpak?arch=source&distro=questing

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.16.0-2

1.16.1-1build1

1.16.1-2

1.16.1-2ubuntu1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "flatpak",
            "binary_version": "1.16.1-2ubuntu1"
        },
        {
            "binary_name": "flatpak-tests",
            "binary_version": "1.16.1-2ubuntu1"
        },
        {
            "binary_name": "gir1.2-flatpak-1.0",
            "binary_version": "1.16.1-2ubuntu1"
        },
        {
            "binary_name": "libflatpak0",
            "binary_version": "1.16.1-2ubuntu1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-34078.json"

Ubuntu:26.04:LTS

flatpak

Package

Name: flatpak
Purl: pkg:deb/ubuntu/flatpak?arch=source&distro=resolute

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.16.1-2ubuntu1

1.16.1-3ubuntu1

1.16.2-1

1.16.3-1

1.16.3-1build1

1.16.4-1

1.16.4-2

1.16.6-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "flatpak",
            "binary_version": "1.16.6-1"
        },
        {
            "binary_name": "flatpak-tests",
            "binary_version": "1.16.6-1"
        },
        {
            "binary_name": "gir1.2-flatpak-1.0",
            "binary_version": "1.16.6-1"
        },
        {
            "binary_name": "libflatpak0",
            "binary_version": "1.16.6-1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-34078.json"