packagekit
Security Risk Profile
52
/100
mediumSecurity Risk Score
Comprehensive risk assessment based on 9 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from April 24, 2018 to present
9
Total CVEs
2
Critical+High
1
Exploited
1
Unpatched
Threat Assessment
Avg CVSS
5.6
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
1
Critical/High
Risk Level
52/100
medium
⚠️ 1 Active Exploits🆕 1Fresh (<7d)📈 2 in Last 30 Days
Severity Distribution
Critical
0High
2Medium
0Low
1Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
0Age Distribution
Common Weaknesses (CWE)
1
Race Condition
4
Most Affected Products
1. PackageKit PackageKit8
2. PackageKit daemon1
3. Packagekit Project Packagekit1
Recent Vulnerabilities
See more →RHSA-2026:19601
unknown
Important: PackageKit security update
5/20/2026
RHSA-2026:19354
unknown
Important: PackageKit security update
5/19/2026
https://www.bleepingcomputer.com/news/security/new-pack2theroot-flaw-gives-hackers-root-linux-access/
unknown
New ‘Pack2TheRoot’ flaw gives hackers root Linux access
4/24/2026⚠ Exploited🔧 No Patch
https://reddit.com/r/netsec/comments/1sswok7/pack2theroot_cve202641651_crossdistro_local/
unknown
Pack2TheRoot (CVE-2026-41651): Cross-Distro Local Privilege Escalation Vulnerability
4/22/2026🔧 No Patch
https://seclists.org/oss-sec/2026/q2/201
unknown
CVE-2026-41651: TOCTOU vulnerability in PackageKit <= 1.3.4 leads to local root exploit
4/22/2026🔧 No Patch
REDHAT-BUG-2460604
CVSS 7.0high
4/22/2026🔧 No Patch
CVE-2026-41651
CVSS 8.8high
PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root
4/22/2026
REDHAT-BUG-2064315
CVSS 1.0low
3/15/2022🔧 No Patch
RHSA-2018:1224
unknown
Moderate: PackageKit security update
4/24/2018
Monitor packagekit in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.