CVE-2026-10294

Severity CVSS v4.0:
LOW
Type:
Unavailable / Other
Publication date:
01/06/2026
Last modified:
02/06/2026

Description

A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function g_file_test of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.