Threat Intel

v0.1

← CVEs

CVE-2026-26104

MED 5.5
Published
2026-02-25
Last Modified
2026-03-25
Affected Apps
14
Affected Devices
28
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitive cryptographic metadata can be read and written to attacker-controlled locations. This weakens the confidentiality guarantees of encrypted storage volumes.
Affected Applications in Environment 14
Desktop v4.67.0 (4.67.0.5)
2 devices
Desktop v4.41.2 (4.41.2.20)
2 devices
Desktop v4.62.0 (4.62.0.11)
2 devices
Desktop v4.63.0 (4.63.0.11)
3 devices
Desktop v4.66.0 (4.66.0.6)
4 devices
Desktop v4.64.0 (4.64.0.4)
3 devices
Desktop v4.53.0 (4.52.0.4)
1 device
Desktop v4.65.0 (4.65.0.4)
4 devices
Desktop v4.50.0 (4.50.0.5)
1 device
Desktop v4.66.1 (4.66.1.8)
3 devices
Desktop v4.61.0 (4.61.0.14)
1 device
Desktop v4.49.0 (4.49.0.17)
1 device
fontconfig v2.13.1-4.2
8 devices
fontconfig v2.15.0-2.3
4 devices
Affected Devices 28
2ua5171h8k Linux DPCOMPdemoserver Linux Dallins-MacBook-Pro-2.local Mac F-16 Mac RobertsMacbookPro.local Mac Zhiyuns-MacBook-Pro.local Mac a00288946-F6VM65M2H3 Mac a00295943-YF4WY76Q4D Mac a00957369-K6KVHY00C5 Mac a01513577-M7GJNF6XQR Mac a01841079-LK4T0Y7FP4 Mac a01875599-TY6TF9Y69L Mac a02273884-FYQGVQ1TFP Mac a02490072-PCVFY9PJV6 Mac adamthomas-H73N967GM2 Mac admin.integrations's iMac -H12CRHNTJV40 Mac ah-mbp.lan Mac ezri-utility-01 Linux fw Linux jed Linux kcm.usu.edu Linux ken-mpb16-LG9VYFY7QD Mac libki-server Linux miscnet Linux nt Linux portscan02 Linux svn.usu.edu Linux sympa.ser321.usu.edu Linux
References 5