CVE-2026-5674
Gravedad CVSS v3.1:
ALTA
Tipo:
CWE-427
Elemento no controlado en la ruta de búsqueda
Fecha de publicación:
16/07/2026
Última modificación:
16/07/2026
Descripción
*** Pendiente de traducción *** A flaw was found in PipeWire, a multimedia server. This vulnerability allows an attacker to escape sandboxed applications, such as Flatpak, by exploiting PipeWire's PulseAudio compatibility layer. An attacker with minimal permissions within a sandboxed environment can load a malicious library, leading to arbitrary code execution outside the sandbox and potential compromise of the user's system.
Impacto
Puntuación base 3.x
8.80
Gravedad 3.x
ALTA



