PT-2026-31024 · Flatpak+1

Published 2026-04-07 · Updated 2026-05-28 · CVE-2026-34078

CVSS v3.1: 10 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Flatpak versions prior to 1.16.4
Description: Flatpak is a Linux application sandboxing and distribution framework. A flaw exists where the Flatpak portal accepts paths in the sandbox-expose options that can be app-controlled symlinks pointing to arbitrary paths. `flatpak run` then mounts the resolved host path into the sandbox, potentially granting the application access to host files and enabling code execution in the host context. This allows a malicious or compromised application distributed in flatpak format to bypass the established sandbox isolation, read files on the host system, and execute arbitrary code outside the sandbox.
Recommendations: Update to Flatpak version 1.16.4 or later.
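An added inventory check, not part of the advisory: it compares an installed Flatpak version against the fixed release 1.16.4 and flags hosts still in the affected range. It assumes `flatpak --version` prints a line of the form "Flatpak 1.16.3" (an assumption about the tool's output format).

```shell
#!/bin/sh
# Added example, not from the advisory: flag a Flatpak install whose version is
# in the affected range for CVE-2026-34078 (all versions prior to 1.16.4).
# Assumption: `flatpak --version` prints a line like "Flatpak 1.16.3".

FIXED_VERSION="1.16.4"

# Compare two dotted version strings component by component.
# Prints -1, 0 or 1 for a<b, a=b, a>b; missing components count as 0.
version_cmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"; bi="${b%%.*}"
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
        # Drop non-numeric suffixes such as "rc1" so the arithmetic test cannot fail.
        ai="$(printf '%s' "$ai" | sed 's/[^0-9].*//')"
        bi="$(printf '%s' "$bi" | sed 's/[^0-9].*//')"
        ai="${ai:-0}"; bi="${bi:-0}"
        if [ "$ai" -lt "$bi" ]; then printf '%s\n' -1; return; fi
        if [ "$ai" -gt "$bi" ]; then printf '%s\n' 1; return; fi
    done
    printf '%s\n' 0
}

# Succeeds (exit 0) when the given version is affected, fails otherwise.
flatpak_is_affected() {
    [ "$(version_cmp "$1" "$FIXED_VERSION")" -lt 0 ]
}

# Pull the bare version number out of `flatpak --version` output.
parse_flatpak_version() {
    printf '%s\n' "$1" | sed -n 's/^[Ff]latpak[[:space:]]*\([0-9][0-9.]*\).*/\1/p'
}

# Live check against this host, only when flatpak is actually installed.
if command -v flatpak >/dev/null 2>&1; then
    v="$(parse_flatpak_version "$(flatpak --version)")"
    if flatpak_is_affected "$v"; then
        echo "Flatpak $v is affected by CVE-2026-34078: update to $FIXED_VERSION or later"
    else
        echo "Flatpak $v is at or above $FIXED_VERSION"
    fi
fi
```

Run it as part of a fleet-wide audit; a non-installed host prints nothing, an affected host prints the update instruction.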

Fix · RCE · DoS


Weakness Enumeration

Related Identifiers

ALSA-2026:21755
ALSA-2026:21756
ALSA-2026:21757
BDU:2026-05831
CVE-2026-34078
OPENSUSE-SU-2026:10541-1
RHSA-2026:21755
RHSA-2026:21756
RHSA-2026:21757
RHSA-2026:23417
RHSA-2026:23418
RHSA-2026:23419
RHSA-2026:23420
SUSE-SU-2026:1511-1
SUSE-SU-2026:1541-1
SUSE-SU-2026:1600-1

Affected Products

Flatpak
Rocky Linux