CVE-2026-10294 | PackageKit up to 1.3.5 API src/pk-transaction.c g_file_test frontend-socket improper authorization (Issue 969)

A vulnerability, which was classified as problematic, was found in PackageKit up to 1.3.5. Affected is the function g_file_test of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization.

This vulnerability is documented as CVE-2026-10294. The attack can be executed remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More