Skip to main content

InputPlumber CVE-2025-66005

Incorrect Authorization (CWE-863)
2026-01-14 meissner@suse.de

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 14, 2026 - 12:16 nvd
N/A

DescriptionCVE.org

Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session.

Analysis

Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session.

Technical ContextAI

Classified as CWE-863 (Incorrect Authorization). Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session.

Affected ProductsAI

Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information lea

RemediationAI

Monitor vendor advisories for a patch.

Share

CVE-2025-66005 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy