CVE-2026-41651 - PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root
CVE ID :CVE-2026-41651 Published : April 22, 2026, 1:11 p.m. | 58 minutes ago Description :PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 i
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Reversing enterprise security costs with AI vulnerability discovery
- [CYBER] Cosmetics giant Rituals confirms data breach of customer membership records
- [CYBER] Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
- [CYBER] CRITICAL Cisco Vulnerability Exposed!
- [CYBER] CVE-2026-35548 - Guardsix ODBC Enrichment Plugins SSRF and Credential Reuse Vulnerability
- [CYBER] Nigeria unveils four-pillar cybersecurity council plan amid rising cyber threats