CVE-2026-4105

ADVISORY - nist

Summary

A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.

EPSS Score⁠: 0.00009 (0.009)

Common Weakness Enumeration (CWE)

ADVISORY - nist

NIST

CREATED

2 months ago

UPDATED

16 days ago

ADVISORY IDCVE-2026-4105⁠

EXPLOITABILITY SCORE

0.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-284⁠

CVSS SCORE

6.7medium

Debian

CREATED

2 months ago

UPDATED

57 minutes ago

ADVISORY IDCVE-2026-4105⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2026-4105⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2026-4105⁠

EXPLOITABILITY SCORE

0.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-284⁠

CVSS SCORE

6.7medium

CVE-2026-4105

Summary

Common Weakness Enumeration (CWE)

CWE-284⁠

CWE-284⁠

Advisories

NIST

CVSS SCORE

Debian

Ubuntu

CVSS SCORE

Red Hat

CVSS SCORE