Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

PackageKit 1.3.5 security update (CVE-2026-41651)

Security Patch Release
First reported
Last updated
Happening score
H score 20
1 unique sources, 1 articles

Summary

Hide ▲

PackageKit version 1.3.5 was released to fix CVE-2026-41651, closing a local privilege-escalation path that could let Linux users gain root permissions. The update matters for PackageKit-enabled Linux systems because the flaw affected systems with the daemon installed and running. Users are being pushed to move quickly to the fixed release.

Related Happenings

LiteSpeed cPanel user-end plugin urgent security update (CVE-2026-48172)

Security Patch Release
First: 27.05.2026 13:06 Last: 27.05.2026 13:06 Sources 1

About this happening: LiteSpeed released **urgent security updates** for the **cPanel user-end plugin** after **CVE-2026-48172** was found to be **actively exploited**, reducing exposure for systems ru...

Open Happening

Linux distros patch release for Fragnasia (CVE-2026-46300)

Security Patch Release
First: 14.05.2026 10:34 Last: 14.05.2026 10:34 Sources 1

About this happening: Linux distros are rolling out **patches** for **CVE-2026-46300**, a high-severity kernel flaw that can let unprivileged local attackers gain **root** on vulnerable Linux systems....

Open Happening

Linux kernel Dirty Frag patch release (CVE-2026-43284, CVE-2026-43500)

Security Patch Release
First: 11.05.2026 17:30 Last: 11.05.2026 17:30 Sources 1

About this happening: **Major Linux distributions** are rolling out fixes for **Dirty Frag**, the **Linux kernel** patch release that covers **CVE-2026-43284** and **CVE-2026-43500**. The update matter...

Open Happening

CPanel security patch release for CVE-2026-29201

Security Patch Release
First: 09.05.2026 10:16 Last: 09.05.2026 10:16 Sources 1

About this happening: **cPanel** released updates for **cPanel and Web Host Manager (WHM)** to fix **three vulnerabilities** that could enable **privilege escalation**, **code execution**, or **denial-...

Open Happening

Progress Software security patch release for CVE-2026-4670

Security Patch Release
First: 04.05.2026 19:34 Last: 04.05.2026 19:34 Sources 1

About this happening: **Progress Software** has released **MOVEit Automation** updates to fix **CVE-2026-4670** and **CVE-2026-5174**, including a **critical authentication bypass** that could expose e...

Open Happening

Timeline

  1. 24.04.2026 03:00 2 articles · 1mo ago

    PackageKit 1.3.5 and CVE-2026-41651 are publicly disclosed

    Mitigation Patch Update

    Public information about CVE-2026-41651 is published together with PackageKit version 1.3.5, which addresses the issue; technical details and a demo exploit are withheld so patches can propagate, and users are told to upgrade to 1.3.5 as soon as possible.

    Show sources
    Open in new tab
  2. 08.04.2026 03:00 1 articles · 1mo ago

    Deutsche Telekom Red Team reports the PackageKit flaw to maintainers

    Initial Disclosure

    Deutsche Telekom’s Red Team reports the PackageKit request-handling bug behind CVE-2026-41651 to Red Hat and PackageKit maintainers, after tracing a local privilege-escalation path that could let Linux users install or remove system packages and gain root permissions.

    Show sources
    Open in new tab