Flatpak, the widely used system for building, distributing, and running sandboxed desktop applications on Linux, has been hit by a critical security vulnerability. The flaw, tracked as CVE-2026-34078 with a high CVSS score of 9.3, allows every Flatpak-packaged application to completely escape its sandbox, granting it unauthorized access to the host system.
The vulnerability resides in the Flatpak portal, a core component designed to manage how sandboxed applications interact with the host environment.
Specifically, the portal “accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitrary paths”. When a Flatpak application runs, it can use these malicious symlinks to trick the system into mounting resolved host paths directly into the sandbox. This bypasses the intended isolation, giving the application “access to all host files” and a primitive to achieve “code execution in the host context”.
The impact of this vulnerability is total. If exploited, “every Flatpak app is able to read and write arbitrary files on the host and execute code in the host context”. This effectively neutralizes the security benefits of the Flatpak sandbox, potentially exposing sensitive user data and system configuration, and allowing persistent malware to be installed outside the controlled application environment.
This vulnerability affects users running older versions of the Flatpak utility on their Linux distributions.
The issue has been officially patched in version 1.16.4. A fix is also scheduled for the upcoming version 1.18.0. Users are strongly urged to update their Flatpak installation through their distribution’s package manager as soon as possible.
For those unable to update immediately, “disabling the Flatpak Portal mitigates the issue”. This can be done by running the following commands, though be aware it “can result in misbehaving apps”:
- sudo systemctl --global mask flatpak-portal.service
- systemctl --user stop flatpak-portal.service