Flatpak Flatpak-builder — known CVE vulnerabilities
Every CVE whose affected-product data names Flatpak Flatpak-builder, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-21682 — CVSS 7.7 (high): Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to…
CVE-2026-39977 — CVSS 6.3 (medium): flatpak-builder is a tool to build flatpaks from source. From 1.4.5 to before 1.4.8, the license-files manifest key takes an array of paths…