CVE-2026-25704

EUVD-2026-17067
A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability inĀ  cosmic-greeter can allow an attacker to regain privileges that should have been dropped and abuse them in the racy checking logic.




This issue affects cosmic-greeter before https://github.Com/pop-os/cosmic-greeter/pull/426.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-25704