Aaron Rainbolt

**Name of the Vulnerable Software and Affected Versions** Wine (affected versions not specified) **Description** Wine includes a .desktop file that registers the software as a MIME handler for EXE and other Windows executable file types. In certain configurations, processing an EXE file leads to its execution with the permissions of the invoker. This behavior enables the escape of Flatpak and Snap sandboxes, as MIME handlers are not designed for use by code loaders and interpreters. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** KDE Dolphin versions prior to 25.12.3 **Description** Applications running within a Flatpak or with AppArmor confinement can open folders outside of the application sandbox without additional scrutiny. This occurs because the implementation of the FileManager1 protocol allows the provided path to be any file type, including scripts or executables. While the software prompts the user before launching such files, the intended security behavior is to block the action entirely. There have been reports of elevated activities targeting this issue. **Recommendations** Update to version 25.12.3 or later.

Name of the Vulnerable Software and Affected Versions systemd version 259 Description In systemd 259, the `systemd-journald` component can transmit ANSI escape sequences to the terminals of arbitrary users when a 'logger -p emerg' command is executed, provided that `ForwardToWall=yes` is configured. This can potentially lead to unexpected behavior or display manipulation for users. Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider setting `ForwardToWall=no` in the systemd configuration to prevent the transmission of ANSI escape sequences to all user terminals.

Name of the Vulnerable Software and Affected Versions: zuluCrypt version 6.2.0-1 Description: The Debian zuluPolkit/CMakeLists.txt file for zuluCrypt has insecure PolicyKit settings, including `allow any`, `allow inactive`, and `allow active`, which allow a local user to escalate their privileges to root. This issue enables local privilege escalation. Recommendations: For zuluCrypt version 6.2.0-1, consider disabling the `allow any`, `allow inactive`, and `allow active` settings in the PolicyKit configuration to mitigate the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.