AttackFeed by Joe Wagner | snap-confine + systemd-tmpfiles = root (CVE-2026-3888)  - Full Disclosure

snap-confine + systemd-tmpfiles = root (CVE-2026-3888)  – Full Disclosure

Posted on By Joe-W
Alert Feeds

 

Posted by Qualys Security Advisory via Fulldisclosure on Mar 19

Qualys Security Advisory

Good things come to those who wait:
snap-confine + systemd-tmpfiles = root (CVE-2026-3888)

========================================================================
Contents
========================================================================

Summary
Case study: Ubuntu Desktop 24.04
– Analysis
– Exploitation
Case study: Ubuntu Desktop 25.10
– Overview
– Exploitation
A quick note on the uutils coreutils (the…
 – Read More  – Full Disclosure 

You may also like

AttackFeed by Joe Wagner | JSON Deserialiser Unconstrained Resource Consumption Quick Overview  - Full Disclosure
Alert Feeds
JSON Deserialiser Unconstrained Resource Consumption Quick Overview  – Full Disclosure
March 12, 2026
AttackFeed by Joe Wagner | APPLE-SA-02-11-2026-2 iOS 18.7.5 and iPadOS 18.7.5  - Full Disclosure
Alert Feeds
APPLE-SA-02-11-2026-2 iOS 18.7.5 and iPadOS 18.7.5  – Full Disclosure
February 16, 2026
AttackFeed by Joe Wagner | SEC Consult SA-20260218-0 :: Multiple Critical Vulnerabilities in NesterSoft WorkTime (on-prem/cloud)  - Full Disclosure
Alert Feeds
SEC Consult SA-20260218-0 :: Multiple Critical Vulnerabilities in NesterSoft WorkTime (on-prem/cloud)  – Full Disclosure
February 22, 2026
AttackFeed by Joe Wagner | SEC Consult SA-20260414-0 :: Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS  - Full Disclosure
Alert Feeds
SEC Consult SA-20260414-0 :: Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS  – Full Disclosure
April 14, 2026