[oss-security] Re: Evince/Atril/Xreader command injection CVE-2026-46529
Summary
The article discusses CVE-2026-46529 affecting Evince, Atril, and Xreader, detailing a GTK module-based exploitation vector and a polyglot PDF approach. It notes advisories and AI-assisted vulnerability analysis, emphasizing short-term risks and long-term security improvements.