cm0002@infosec.pub to

Linux@programming.dev · 2 days ago

Single-Click Code Execution Exploit for Evince, Atril, and Xreader

blogs.gnome.org

1

28

Single-Click Code Execution Exploit for Evince, Atril, and Xreader

blogs.gnome.org

cm0002@infosec.pub to

Linux@programming.dev · 2 days ago

1

CVE-2026-46529 is an argument injection vulnerability in Evince, Atril, and Xreader caused by missing shell quoting when composing a command line. The reporter, João Medeiros, has published a GitHub repo for the CVE and a blog post with the story of how he discovered the flaw and developed the exploit. He also created an Atril...

You must log in or # to comment.

Chat

inari@piefed.zip
link
fedilink
English
arrow-up
2·
1 day ago
I’m hoping that was the fix in the evince update I did this morning

Linux@programming.dev

linux@programming.dev

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !linux@programming.dev

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

203 users / day
1.46K users / week
4.48K users / month
11K users / 6 months
2 local subscribers
13.7K subscribers
3.08K Posts
26.3K Comments
Modlog