Skip to main content

Cosmic Greeter

1 CVEs product

Monthly

CVE-2026-25704 MEDIUM This Month

Cosmic-greeter before PR #426 contains a privilege dropping race condition vulnerability (CWE-271) that allows local attackers to regain dropped privileges through TOCTOU timing manipulation during privilege validation checks. The vulnerability affects the Pop!_OS greeter application and could enable privilege escalation to perform actions with elevated permissions that should have been restricted.

Information Disclosure Cosmic Greeter
NVD VulDB
CVSS 4.0
5.8
EPSS
0.0%
EPSS 0% CVSS 5.8
MEDIUM This Month

Cosmic-greeter before PR #426 contains a privilege dropping race condition vulnerability (CWE-271) that allows local attackers to regain dropped privileges through TOCTOU timing manipulation during privilege validation checks. The vulnerability affects the Pop!_OS greeter application and could enable privilege escalation to perform actions with elevated permissions that should have been restricted.

Information Disclosure Cosmic Greeter
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy