Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 620
Alerts This Week
Warning Icon 1 620

Ubuntu 26.04 LTS mailcap Critical Remote Code Execution USN-8518-1

ubuntu
Calendar Grey July 8, 2026
Dist Ubuntu Esm H88
mailcap has a critical escape vulnerability, which may allow arbitrary code execution, requiring urgent system updates on Ubuntu versions.
mailcap could allow applications to escape sandbox restrictions

Summary

mailcap could allow applications to escape sandbox restrictions

Software Description:

- mailcap: Debian's mailcap system, and support programs

Details:

Aaron Rainbolt discovered that the cautious-launcher utility in the

mailcap package did not properly restrict the execution of certain

file types. An attacker could use this issue to escape a sandboxed

application and execute arbitrary code on the host operating system.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  mailcap                         3.75ubuntu1.1

Ubuntu 25.10
  mailcap                         3.74ubuntu1.1

Ubuntu 24.04 LTS
  mailcap                         3.70+nmu1ubuntu1.24.04.1

Ubuntu 22.04 LTS
  mailcap                         3.70+nmu1ubuntu1.22.04.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8518-1

CVE-2026-10037

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8518-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.