CVE-2026-10294EPSS p28.5%

CVE-2026-10294CVE-2026-10294

Description

A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function g_file_test of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

Scoring

CVSS 4.3 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS0.37% probability of exploitation · percentile 28.5% · 2026-06-19T12:03:05Z
Last modified2026-06-02

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-67164
CVE
CVE-2026-41651
CVE
CVE-2026-0029
CVE
CVE-2026-10694
CVE
CVE-2026-24096
CVE
CVE-2026-10254
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.