CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root
Summary
Qualys reports CVE-2026-3888—a local privilege escalation vulnerability affecting Ubuntu Desktop 24.04+ via the interaction between snap-confine and systemd-tmpfiles. The advisory details exploit timing, affected versions, remediation steps, and a secondary finding in uutils coreutils; it also outlines QID coverage and how to detect and remediate with Qualys tools.