CVE-2026-2604

EUVD-2026-37506
A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or modification. Later, during contact deletion, the URI is processed with a less strict check, leading to the deletion of arbitrary files on the host filesystem. This could potentially include critical Flatpak override files.
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 5.6 MEDIUM | LOCAL | LOW | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L |
Awaiting analysis
This vulnerability is currently awaiting analysis.
EPSS Score (percentile): 21%
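Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| evolution-data-server | bookworm | | vulnerable |
| | bullseye | | vulnerable |
| | bullseye (security) | 3.38.3-1+deb11u3 | fixed |
| | forky | 3.56.2-8 | fixed |
| | sid | 3.56.2-8 | fixed |
| | trixie | | vulnerable |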
openSUSE / SLES Releases

| openSUSE Product | Release | Version | Status |
|---|---|---|---|
| evolution-data-server | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| evolution-data-server-devel | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| evolution-data-server-lang | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| libcamel-1_2-63 | suse enterprise desktop 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise server 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| libcamel-1_2-64 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| libebackend-1_2-10 | suse enterprise desktop 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise server 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| libebackend-1_2-11 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| libebook-1_2-20 | suse enterprise desktop 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise server 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| libebook-1_2-21 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| libebook-contacts-1_2-3 | suse enterprise desktop 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise server 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| libebook-contacts-1_2-4 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| libecal-2_0-2 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| libedata-book-1_2-26 | suse enterprise desktop 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise server 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| libedata-book-1_2-27 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| libedata-cal-2_0-2 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| libedataserver-1_2-26 | suse enterprise desktop 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise server 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.42.5-150400.3.10.1 | fixed |
| libedataserver-1_2-27 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| libedataserverui-1_2-4 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| libedataserverui4-1_0-0 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| typelib-1_0-Camel-1_2 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| typelib-1_0-EBook-1_2 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| typelib-1_0-EBookContacts-1_2 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| typelib-1_0-ECal-2_0 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| typelib-1_0-EDataServer-1_2 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| typelib-1_0-EDataServerUI-1_2 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| typelib-1_0-EDataServerUI4-1_0 | suse enterprise desktop 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise sap 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise server 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
| | suse enterprise workstation 15 SP7 | 3.50.3-150600.3.9.1 | fixed |
Amazon Linux Releases

| Amazon Package | Release | Version | Status |
|---|---|---|---|
| evolution-data-server | Amazon Linux 2 | 0:3.28.5-4.amzn2.0.2 | fixed |
| | Amazon Linux 2023 | 0:3.54.3-1.amzn2023.0.2 | fixed |
| evolution-data-server-debuginfo | Amazon Linux 2 | 0:3.28.5-4.amzn2.0.2 | fixed |
| | Amazon Linux 2023 | 0:3.54.3-1.amzn2023.0.2 | fixed |
| evolution-data-server-debugsource | Amazon Linux 2023 | 0:3.54.3-1.amzn2023.0.2 | fixed |
| evolution-data-server-devel | Amazon Linux 2 | 0:3.28.5-4.amzn2.0.2 | fixed |
| | Amazon Linux 2023 | 0:3.54.3-1.amzn2023.0.2 | fixed |
| evolution-data-server-doc | Amazon Linux 2 | 0:3.28.5-4.amzn2.0.2 | fixed |
| | Amazon Linux 2023 | 0:3.54.3-1.amzn2023.0.2 | fixed |
| evolution-data-server-langpacks | Amazon Linux 2 | 0:3.28.5-4.amzn2.0.2 | fixed |
| | Amazon Linux 2023 | 0:3.54.3-1.amzn2023.0.2 | fixed |
| evolution-data-server-perl | Amazon Linux 2 | 0:3.28.5-4.amzn2.0.2 | fixed |
| | Amazon Linux 2023 | 0:3.54.3-1.amzn2023.0.2 | fixed |
| evolution-data-server-tests | Amazon Linux 2 | 0:3.28.5-4.amzn2.0.2 | fixed |
| | Amazon Linux 2023 | 0:3.54.3-1.amzn2023.0.2 | fixed |
| evolution-data-server-tests-debuginfo | Amazon Linux 2023 | 0:3.54.3-1.amzn2023.0.2 | fixed |