CVE-2026-41045
Published
CVSS v3
8.1
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user.
qSnapper is a Qt6/QML GUI application for managing Btrfs/Snapper snapshots on Linux with D-Bus and PolicyKit integration.
GitHub