CVE-2026-41048
Published
CVSS v3
N/A
CVSS v2
N/A
Affected
1
PROJECT
Description
Incorrect caching of authentication between different polkit methods in qSnapper before version 1.3.3 allowed a local attacker to use functions like "restore from snapshot" even if only allowed to do "delete snapshot".
qSnapper is a Qt6/QML GUI application for managing Btrfs/Snapper snapshots on Linux with D-Bus and PolicyKit integration.
GitHub