Description
A flaw was found in PipeWire, a multimedia server. This vulnerability allows an attacker to escape sandboxed applications, such as Flatpak, by exploiting PipeWire's PulseAudio compatibility layer. An attacker with minimal permissions within a sandboxed environment can load a malicious library, leading to arbitrary code execution outside the sandbox and potential compromise of the user's system.
Published: 2026-07-16
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

Vendor Workaround

To mitigate this issue, restrict containerized applications from accessing the PulseAudio socket or writing to host-visible paths. Additionally, configure PipeWire to prevent module loading by setting `pulse.allow-module-loading = false` in the PipeWire PulseAudio configuration. Alternatively, restrict the `dlopen()` paths for `module-ladspa-sink` to trusted system directories like `/usr/lib/ladspa/` and `/usr/lib64/ladspa/`. Applying these changes may require restarting the PipeWire service to take effect, which could impact audio functionality.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 17 Jul 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

threat_severity

Important


Thu, 16 Jul 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 16 Jul 2026 14:00:00 +0000

Type Values Removed Values Added
Description A flaw was found in PipeWire, a multimedia server. This vulnerability allows an attacker to escape sandboxed applications, such as Flatpak, by exploiting PipeWire's PulseAudio compatibility layer. An attacker with minimal permissions within a sandboxed environment can load a malicious library, leading to arbitrary code execution outside the sandbox and potential compromise of the user's system.
Title Pipewire: pipewire: sandbox escape and arbitrary code execution via malicious library loading
First Time appeared Redhat
Redhat enterprise Linux
Weaknesses CWE-427
CPEs cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}


Subscriptions

Redhat Enterprise Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-07-16T14:03:16.054Z

Reserved: 2026-04-06T09:07:33.494Z

Link: CVE-2026-5674

cve-icon Vulnrichment

Updated: 2026-07-16T14:03:00.836Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Important

Publid Date: 2026-07-04T23:59:00Z

Links: CVE-2026-5674 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-07-17T04:00:06Z

Weaknesses