| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-40354 | XDG Desktop Portal 安全漏洞 | Flatpak | xdg-desktop-portal | Low | 2.9 | 2026-04-11 00:29:03 | Deep Dive |
| CVE-2026-39977 | flatpak-builder has a path traversal leading to arbitrary file read on host when installing licence files | flatpak | flatpak-builder | - | - | 2026-04-09 19:05:24 | Deep Dive |
| CVE-2026-34079 | Flatpak affected by arbitrary file deletion on the host filesystem | flatpak | flatpak | - | - | 2026-04-07 21:29:45 | Deep Dive |
| CVE-2026-34078 | Flatpak has a complete sandbox escape leading to host file access and code execution in the host context | flatpak | flatpak | - | - | 2026-04-07 21:27:46 | Deep Dive |
| CVE-2026-34080 | xdg-dbus-proxy has an eavesdrop filter bypass allowing message interception | flatpak | xdg-dbus-proxy | - | - | 2026-04-07 20:57:58 | Deep Dive |
| CVE-2024-42472 | Flatpak may allow access to files outside sandbox for certain apps | flatpak | flatpak | Critical | 10.0 | 2024-08-15 18:32:11 | Deep Dive |
| CVE-2024-32462 | Flatpak vulnerable to a sandbox escape via RequestBackground portal due to bad argument parsing | flatpak | flatpak | High | 8.4 | 2024-04-18 18:11:28 | Deep Dive |
| CVE-2023-28101 | Flatpak metadata with ANSI control codes can cause misleading terminal output | flatpak | flatpak | Medium | 5.0 | 2023-03-16 15:55:54 | Deep Dive |
| CVE-2023-28100 | TIOCLINUX can send commands outside sandbox if running on a virtual console | flatpak | flatpak | Critical | 10.0 | 2023-03-16 15:51:32 | Deep Dive |
| CVE-2022-21682 | flatpak-builder can access files outside the build directory. | flatpak | flatpak | High | 7.7 | 2022-01-13 00:00:00 | Deep Dive |
| CVE-2021-43860 | Permissions granted to applications can be hidden from the user at install time | flatpak | flatpak | High | 8.2 | 2022-01-12 00:00:00 | Deep Dive |
| CVE-2021-41133 | Sandbox bypass via recent VFS-manipulating syscalls | flatpak | flatpak | High | 8.8 | 2021-10-08 00:00:00 | Deep Dive |
| CVE-2021-21381 | Sandbox escape via special tokens in .desktop file | flatpak | flatpak | High | 7.1 | 2021-03-11 00:00:00 | Deep Dive |
| CVE-2021-21261 | Flatpak sandbox escape via spawn portal | flatpak | flatpak | High | 7.3 | 2021-01-14 19:40:21 | Deep Dive |