CNNVD-202601-2458 Information

CNNVD ID

CNNVD-202601-2458

Related CVE

CVE-2025-14338

• CNNVD Published: 2026-01-14

Description (Chinese)

InputPlumber是ShadowBlip开源的一个输入设备路由守护进程。 InputPlumber存在访问控制错误漏洞，该漏洞源于授权检查存在竞争条件。

Description (English)

InputPlumber is an input device routed daemon from the ShadowBlip open source. InputPlumber had an error in access control, which stemmed from competitive conditions for authorized inspections.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

ShadowBlip

Published

2026-01-14

Last Modified

2026-02-24

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-14338 https://security.opensuse.org/2026/01/09/inputplumber-lack-of-dbus-auth.html

Patch

https://github.com/ShadowBlip/InputPlumber/releases