Vulnerabilities4 min read
Pack2TheRoot: 12-Year-Old PackageKit Bug Grants Root on Linux
CVE-2026-41651 lets any local user gain root privileges on Ubuntu, Debian, and Fedora via a TOCTOU race in PackageKit. Patch to version 1.3.5 immediately.
Marcus ChenApr 24, 2026