๐Ÿ” CVE Alert

CVE-2026-10037

HIGH 8.8

Sandbox Escape in Ubuntu OpenJDK Packages via xdg-desktop-portal

CVSS Score
8.8
EPSS Score
0.1%
EPSS Percentile
2th

A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or malicious sandboxed application with access to the OpenURI portal via xdg-desktop-portal-gtk can write a malicious .jar file to the host file system, set its executable bit, and trigger the handler to execute arbitrary code outside of the sandbox environment.

CWE CWE-20
Vendor canonical
Product ubuntu
Ecosystems
Industries
Technology
Published Jul 8, 2026
Last Updated Jul 14, 2026
Stay Ahead of the Next One

Get instant alerts for canonical ubuntu

Be the first to know when new high vulnerabilities affecting canonical ubuntu are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Affected Versions

Canonical / Ubuntu
All versions affected
Canonical / Ubuntu
All versions affected
Canonical / Ubuntu
All versions affected
Canonical / Ubuntu
All versions affected
Canonical / Ubuntu
All versions affected
Canonical / Ubuntu
All versions affected
Canonical / Ubuntu
All versions affected
Canonical / Ubuntu
All versions affected
Canonical / Ubuntu
All versions affected
Canonical / Ubuntu
0 < 3.70+nmu1ubuntu1.22.04.1 0 < 3.70+nmu1ubuntu1.24.04.1 0 < 3.74ubuntu1.1 0 < 3.75ubuntu1.1

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
bugs.launchpad.net: https://bugs.launchpad.net/ubuntu/+source/openjdk-25/+bug/2153100

Credits

Aaron Rainbolt