CVE-2026-48831 in Wineinformación

Resumen

por MITRE • 2026-05-26

Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap sandboxes, because MIME handlers are not intended for use by code interpreters and loaders. NOTE: some parties feel that this is not a bug to be addressed in Wine, because there is no known solution that avoids a severe loss of usability (Wine could be a binfmt-misc handler, but binfmt-misc does not exist on all platforms supported by Wine).

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

MITRE

Reservar

2026-05-24

Divulgación

2026-05-26

Moderación

aceptado

Artículo

VDB-365469

CPE

listo

CWE

CWE-669 (confirmado)

CVSS

7.8 (VulDB)

EPSS

0.00026

KEV

Actividades

muy bajo

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-48831
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-48831
CVE Details	https://www.cvedetails.com/cve/CVE-2026-48831/

◂ Anterior Visión De Conjunto Próximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!