UBUNTU-CVE-2026-48831
- Source
- https://ubuntu.com/security/CVE-2026-48831
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-48831.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-48831
- Upstream
- Published
- 2026-05-24T22:16:00Z
- Modified
- 2026-05-27T19:09:52Z
- Severity
-
- 7.3 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/V:D/U:Clear CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap sandboxes, because MIME handlers are not intended for use by code interpreters and loaders. NOTE: some parties feel that this is not a bug to be addressed in Wine, because there is no known solution that avoids a severe loss of usability (Wine could be a binfmt-misc handler, but binfmt-misc does not exist on all platforms supported by Wine).
- References
-
- https://ubuntu.com/security/CVE-2026-48831
- https://www.cve.org/CVERecord?id=CVE-2026-48831
- https://bugs.winehq.org/show_bug.cgi?id=59767
- https://www.openwall.com/lists/oss-security/2026/05/19/1
- https://www.openwall.com/lists/oss-security/2026/05/25/1
- http://www.openwall.com/lists/oss-security/2026/05/25/1
Affected packages
Ubuntu:18.04:LTS
wine
Package
- Name
- wine
- Purl
- pkg:deb/ubuntu/wine?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.0-1ubuntu1",
"binary_name": "fonts-wine"
},
{
"binary_version": "3.0-1ubuntu1",
"binary_name": "libwine"
},
{
"binary_version": "3.0-1ubuntu1",
"binary_name": "wine-binfmt"
},
{
"binary_version": "3.0-1ubuntu1",
"binary_name": "wine-stable"
},
{
"binary_version": "3.0-1ubuntu1",
"binary_name": "wine32"
},
{
"binary_version": "3.0-1ubuntu1",
"binary_name": "wine32-preloader"
},
{
"binary_version": "3.0-1ubuntu1",
"binary_name": "wine32-tools"
},
{
"binary_version": "3.0-1ubuntu1",
"binary_name": "wine64"
},
{
"binary_version": "3.0-1ubuntu1",
"binary_name": "wine64-preloader"
},
{
"binary_version": "3.0-1ubuntu1",
"binary_name": "wine64-tools"
}
]
}Ubuntu:20.04:LTS
wine
Package
- Name
- wine
- Purl
- pkg:deb/ubuntu/wine?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
4.*
4.0.2-1
4.0.3-1
5.*
5.0~rc3-1ubuntu2
5.0~rc4-1ubuntu1
5.0~rc5-1ubuntu1
5.0~rc6-1ubuntu1
5.0-2ubuntu1
5.0-3
5.0-3ubuntu1
Ecosystem specific
{
"binaries": [
{
"binary_version": "5.0-3ubuntu1",
"binary_name": "fonts-wine"
},
{
"binary_version": "5.0-3ubuntu1",
"binary_name": "libwine"
},
{
"binary_version": "5.0-3ubuntu1",
"binary_name": "wine"
},
{
"binary_version": "5.0-3ubuntu1",
"binary_name": "wine-binfmt"
},
{
"binary_version": "5.0-3ubuntu1",
"binary_name": "wine32"
},
{
"binary_version": "5.0-3ubuntu1",
"binary_name": "wine32-preloader"
},
{
"binary_version": "5.0-3ubuntu1",
"binary_name": "wine32-tools"
},
{
"binary_version": "5.0-3ubuntu1",
"binary_name": "wine64"
},
{
"binary_version": "5.0-3ubuntu1",
"binary_name": "wine64-preloader"
},
{
"binary_version": "5.0-3ubuntu1",
"binary_name": "wine64-tools"
}
]
}Ubuntu:22.04:LTS
wine
Package
- Name
- wine
- Purl
- pkg:deb/ubuntu/wine?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_version": "6.0.3~repack-1",
"binary_name": "fonts-wine"
},
{
"binary_version": "6.0.3~repack-1",
"binary_name": "libwine"
},
{
"binary_version": "6.0.3~repack-1",
"binary_name": "wine"
},
{
"binary_version": "6.0.3~repack-1",
"binary_name": "wine-binfmt"
},
{
"binary_version": "6.0.3~repack-1",
"binary_name": "wine32"
},
{
"binary_version": "6.0.3~repack-1",
"binary_name": "wine32-preloader"
},
{
"binary_version": "6.0.3~repack-1",
"binary_name": "wine32-tools"
},
{
"binary_version": "6.0.3~repack-1",
"binary_name": "wine64"
},
{
"binary_version": "6.0.3~repack-1",
"binary_name": "wine64-preloader"
},
{
"binary_version": "6.0.3~repack-1",
"binary_name": "wine64-tools"
}
]
}Ubuntu:24.04:LTS
wine
Package
- Name
- wine
- Purl
- pkg:deb/ubuntu/wine?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
8.*
8.0.1~repack-3ubuntu2
8.0.2~repack-2
9.*
9.0~repack-4
9.0~repack-4build2
9.0~repack-4build3
Ecosystem specific
{
"binaries": [
{
"binary_version": "9.0~repack-4build3",
"binary_name": "fonts-wine"
},
{
"binary_version": "9.0~repack-4build3",
"binary_name": "libwine"
},
{
"binary_version": "9.0~repack-4build3",
"binary_name": "wine"
},
{
"binary_version": "9.0~repack-4build3",
"binary_name": "wine-binfmt"
},
{
"binary_version": "9.0~repack-4build3",
"binary_name": "wine32"
},
{
"binary_version": "9.0~repack-4build3",
"binary_name": "wine32-preloader"
},
{
"binary_version": "9.0~repack-4build3",
"binary_name": "wine32-tools"
},
{
"binary_version": "9.0~repack-4build3",
"binary_name": "wine64"
},
{
"binary_version": "9.0~repack-4build3",
"binary_name": "wine64-preloader"
},
{
"binary_version": "9.0~repack-4build3",
"binary_name": "wine64-tools"
}
]
}Ubuntu:25.10
wine
Package
- Name
- wine
- Purl
- pkg:deb/ubuntu/wine?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
9.*
9.0~repack-4build3
10.*
10.0~repack-3ubuntu3
10.0~repack-4ubuntu1
10.0~repack-5ubuntu1
10.0~repack-6ubuntu1
Ecosystem specific
{
"binaries": [
{
"binary_version": "10.0~repack-6ubuntu1",
"binary_name": "fonts-wine"
},
{
"binary_version": "10.0~repack-6ubuntu1",
"binary_name": "libwine"
},
{
"binary_version": "10.0~repack-6ubuntu1",
"binary_name": "wine"
},
{
"binary_version": "10.0~repack-6ubuntu1",
"binary_name": "wine-binfmt"
},
{
"binary_version": "10.0~repack-6ubuntu1",
"binary_name": "wine32"
},
{
"binary_version": "10.0~repack-6ubuntu1",
"binary_name": "wine32-preloader"
},
{
"binary_version": "10.0~repack-6ubuntu1",
"binary_name": "wine32-tools"
},
{
"binary_version": "10.0~repack-6ubuntu1",
"binary_name": "wine64"
},
{
"binary_version": "10.0~repack-6ubuntu1",
"binary_name": "wine64-preloader"
},
{
"binary_version": "10.0~repack-6ubuntu1",
"binary_name": "wine64-tools"
}
]
}Ubuntu:26.04:LTS
wine
Package
- Name
- wine
- Purl
- pkg:deb/ubuntu/wine?arch=source&distro=resolute
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
10.*
10.0~repack-6ubuntu1
10.0~repack-11
10.0~repack-12build1
10.0~repack-12ubuntu1
Ecosystem specific
{
"binaries": [
{
"binary_version": "10.0~repack-12ubuntu1",
"binary_name": "fonts-wine"
},
{
"binary_version": "10.0~repack-12ubuntu1",
"binary_name": "libwine"
},
{
"binary_version": "10.0~repack-12ubuntu1",
"binary_name": "wine"
},
{
"binary_version": "10.0~repack-12ubuntu1",
"binary_name": "wine-binfmt"
},
{
"binary_version": "10.0~repack-12ubuntu1",
"binary_name": "wine-common"
},
{
"binary_version": "10.0~repack-12ubuntu1",
"binary_name": "wine32"
},
{
"binary_version": "10.0~repack-12ubuntu1",
"binary_name": "wine32-preloader"
},
{
"binary_version": "10.0~repack-12ubuntu1",
"binary_name": "wine32-tools"
},
{
"binary_version": "10.0~repack-12ubuntu1",
"binary_name": "wine64"
},
{
"binary_version": "10.0~repack-12ubuntu1",
"binary_name": "wine64-preloader"
},
{
"binary_version": "10.0~repack-12ubuntu1",
"binary_name": "wine64-tools"
}
]
}