{"id":"CVE-2026-34078","summary":"Flatpak has a complete sandbox escape leading to host file access and code execution in the host context","details":"Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options, and these paths can be app-controlled symlinks pointing at arbitrary paths. The flatpak run command then mounts the resolved host path in the sandbox. This gives apps access to all host files and can be used as a primitive to gain code execution in the host context. This vulnerability is fixed in 1.16.4.","aliases":["GHSA-cc2q-qc34-jprg"],"modified":"2026-04-09T11:45:34.468216Z","published":"2026-04-07T21:27:45.643Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/34xxx/CVE-2026-34078.json","cna_assigner":"GitHub_M","cwe_ids":["CWE-61"]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/34xxx/CVE-2026-34078.json"},{"type":"ADVISORY","url":"https://github.com/flatpak/flatpak/security/advisories/GHSA-cc2q-qc34-jprg"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34078"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/flatpak/flatpak","events":[{"introduced":"0"},{"fixed":"2cc39deb237776614f8bdecae1892e5229aeca60"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.16.4"}]}}],"versions":["0.1","0.10.0","0.10.1","0.10.2","0.11.1","0.11.2","0.11.3","0.11.4","0.11.5","0.11.6","0.11.7","0.11.8","0.11.8.1","0.11.8.2","0.11.8.3","0.2","0.2.1","0.3","0.3.1","0.3.2","0.3.3","0.3.4","0.3.5","0.3.6","0.4.0","0.4.1","0.4.10","0.4.11","0.4.12","0.4.13","0.4.2","0.4.2.1","0.4.3","0.4.4","0.4.5","0.4.6","0.4.7","0.4.8","0.4.9","0.5.0","0.5.1","0.5.2","0.6.0","0.6.1","0.6.10","0.6.11","0.6.12","0.6.13","0.6.14","0.6.2","0.6.3","0.6.4","0.6.5","0.6.6","0.6.7","0.6.8","0.6.9","0.8.0","0.8.1","0.9.1","0.9.10","0.9.11","0.9.12","0.9.2","0.9.3","0.9.4","0.9.5","0.9
.6","0.9.7","0.9.8","0.9.9","0.9.98","0.9.98.1","0.9.98.2","0.9.99","0.99.1","0.99.2","0.99.3","1.0.0","1.0.1","1.0.2","1.0.3","1.1.0","1.1.1","1.1.2","1.1.3","1.10.0","1.10.1","1.11.1","1.11.2","1.11.3","1.12.0","1.13.1","1.13.2","1.13.3","1.14.0","1.15.0","1.15.1","1.15.10","1.15.11","1.15.12","1.15.2","1.15.3","1.15.4","1.15.6","1.15.7","1.15.8","1.15.9","1.15.91","1.16.0","1.16.1","1.16.2","1.16.3","1.2.0","1.2.1","1.3.0","1.3.1","1.3.2","1.3.3","1.3.4","1.4.0","1.5.0","1.5.1","1.5.2","1.6.0","1.6.1","1.6.2","1.7.1","1.7.2","1.7.3","1.8.0","1.9.1","1.9.2","1.9.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-34078.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}]}