Severity by source
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attacker is an already-running low-privileged sandboxed process (AV:L, PR:L), no user interaction, and the sandbox-to-host break is a scope change (S:C) yielding full host C/I/A loss.
Primary rating from Vendor (ubuntu).
CVSS VectorVendor: ubuntu
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or malicious sandboxed application with access to the OpenURI portal via xdg-desktop-portal-gtk can write a malicious .jar file to the host file system, set its executable bit, and trigger the handler to execute arbitrary code outside of the sandbox environment.
AnalysisAI
Sandbox escape in the OpenJDK packages shipped by Ubuntu allows a compromised sandboxed application to break out and run arbitrary code on the host. Because the packages' .jar MIME handlers execute any file flagged executable (when the mailcap package is present), an app abusing the OpenURI portal through xdg-desktop-portal-gtk can drop a malicious .jar, set its executable bit, and invoke the handler. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires all of: an Ubuntu system with the vulnerable OpenJDK package installed and its .jar mailcap MIME handler registered, the mailcap package present (this is the precise 'when installed' trigger that makes handlers execute executable-flagged files), xdg-desktop-portal-gtk running to expose the OpenURI portal, and an already-compromised or malicious sandboxed application that has portal access and can write to a host-reachable filesystem location and set the executable bit. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The supplied CVSS 3.1 vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H (8.8) is internally consistent with the description: the attacker is a local, already-running but low-privileged sandboxed process (AV:L, PR:L), needs no victim interaction (UI:N), and the sandbox-to-host break is precisely the scope change (S:C) that drives the high score, with full host C/I/A loss. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker compromises a Flatpak/Snap-confined application on an Ubuntu desktop (for example via a malicious document or a supply-chain-tainted app) and, from inside the sandbox, uses the OpenURI portal exposed by xdg-desktop-portal-gtk to write a crafted .jar to a host-accessible path, mark it executable, and request that it be opened. The OpenJDK mailcap handler then runs the jar outside the sandbox, giving the attacker arbitrary code execution with the desktop user's full host privileges. … |
| Remediation | No vendor-released patch identified at time of analysis; the only reference is the Ubuntu Launchpad tracking bug (https://bugs.launchpad.net/ubuntu/+source/openjdk-25/+bug/2153100), so monitor Ubuntu Security Notices for the fixed openjdk package versions and upgrade as soon as they publish. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all Ubuntu systems running OpenJDK packages and identify those hosting sandboxed applications. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-20 – Improper Input Validation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42435
GHSA-xg8h-3f4m-39v6