CVE-2026-41049

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Jun 22, 2026

Vendor unknown

Description

Incorrect caching of authentication between different users of the qSnapper dbus service before version 1.3.3 allowed any local attacker to use dbus functions after a privileged users has authenticated for them.

References

https://bugzilla.suse.com/show_bug.cgi?id=1262218
https://github.com/presire/qSnapper/releases/tag/v1.3.3
https://security.opensuse.org/2026/05/26/qsnapper-dbus-issues.html#issue-auth-caching