{"uuid": "ecfa6970-e7ef-41c7-9128-5c64c0ca5d67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2026-41651", "type": "published-proof-of-concept", "source": "https://t.me/P0x3k_1N73LL1G3NC3/331", "content": "Pack2TheRoot \u2014 CVE-2026-41651\n\nTOCTOU race in PackageKit's transaction handler. Any local unprivileged user can install arbitrary packages as root with no authentication.\n\nBlog: https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html", "creation_timestamp": "2026-04-23T16:08:22.000000Z"}