| Name | CVE-2026-34080 |
| Description | Eavesdrop filter bypass allows message interception |
| Source | CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| Debian Bugs | 1132939 |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| xdg-dbus-proxy (PTS) | bullseye | 0.1.2-2 | vulnerable |
| bookworm | 0.1.4-3 | vulnerable |
| trixie | 0.1.6-1 | vulnerable |
| forky | 0.1.6-2 | vulnerable |
| sid | 0.1.7-1 | fixed |
The information below is based on the following data on fixed versions.
Notes
https://github.com/flatpak/xdg-dbus-proxy/security/advisories/GHSA-vjp5-hjfm-7677
Fixed by: https://github.com/flatpak/xdg-dbus-proxy/commit/4d0d1d74d4f40260a79161163b4b2f7276bce0b0 (0.1.7)