CVE-2026-44931

UNKNOWN 0.0

malcontent: Disk Space Exhaustion via Globally Accessible D-Bus API

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

The newly introduced RecordUsage D-Bus method https://gitlab.freedesktop.org/pwithnall/malcontent/-/blob/0.14.0/libmalcontent-timer/child-timer-service.c in malcontent-timerd allows arbitrary users in the system to slowly fill up disk space in /var/lib/malcontent-timerd

CWE	CWE-770
Vendor	gnome
Product	malcontent
Published	May 13, 2026
Last Updated	May 13, 2026

Stay Ahead of the Next One

Get instant alerts for gnome malcontent

Be the first to know when new unknown vulnerabilities affecting gnome malcontent are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

gnome / malcontent

0.14 < unknown

References

NVD ↗ CVE.org ↗ EPSS Data ↗

security.opensuse.org: https://security.opensuse.org/2026/05/11/malcontent-disk-space-dos.html bugzilla.suse.com: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-44931 openwall.com: http://www.openwall.com/lists/oss-security/2026/05/11/1

Credits

Matthias Gerstner of SUSE