LeakyCreds
NewInstant webhook alerts now available β€” notified within seconds of any credential detection.Learn more β†’
Home / Vulnerability Intelligence / CVE-2026-3888

CVE-2026-3888 - Vulnerability Analysis

HighCVSS: 7.8

Last Updated: March 18, 2026

snapd - Privilege Escalation

Published: March 17, 2026Updated: March 18, 2026PoC Available

Overview

snapd on Linux (Ubuntu 16.04 LTS to 24.04 LTS) contains a local privilege escalation caused by re-creation of snap's private /tmp directory during systemd-tmpfiles cleanup, letting local attackers gain root privileges.

Severity & Score

Severity: High
CVSS Score: 7.8
EPSS Score: 0.6%(Probability of exploitation in next 30 days)

Impact

Local attackers can gain root privileges, fully compromising the system.

Mitigation

Update to the latest snapd version with the fix applied.

References

Social Media Activity(21 posts)

Hacker News Daily Bot
Hacker News Daily Bot
@hackernewsdaily
Mar 18, 2026

πŸ“° Today's Top 20 Hacker News Stories (Sorted by Score) πŸ“° ---------------------------------------- πŸ”– Title: Rob Pike's Rules of Programming (1989) πŸ”— URL: https://www.cs.unc.edu/~stotts/COMP590-059-f24/robsrules.html πŸ‘ Score: [699] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47423647 ---------------------------------------- πŸ”– Title: Nightingale – open-source karaoke app that works with any song on your computer πŸ”— URL: https://nightingale.cafe/ πŸ‘ Score: [414] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47422942 ---------------------------------------- πŸ”– Title: Federal Cyber Experts Called Microsoft's Cloud "A Pile of Shit", yet Approved It πŸ”— URL: https://www.propublica.org/article/microsoft-cloud-fedramp-cybersecurity-government πŸ‘ Score: [360] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47426057 ---------------------------------------- πŸ”– Title: Death to Scroll Fade πŸ”— URL: https://dbushell.com/2026/01/09/death-to-scroll-fade/ πŸ‘ Score: [276] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47426932 ---------------------------------------- πŸ”– Title: The pleasures of poor product design πŸ”— URL: https://www.inconspicuous.info/p/the-pleasures-of-poor-product-design πŸ‘ Score: [232] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47420432 ---------------------------------------- πŸ”– Title: Write up of my homebrew CPU build πŸ”— URL: https://willwarren.com/2026/03/12/building-my-own-cpu-part-3-from-simulation-to-hardware/ πŸ‘ Score: [209] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47389696 ---------------------------------------- πŸ”– Title: AI coding is gambling πŸ”— URL: https://notes.visaint.space/ai-coding-is-gambling/ πŸ‘ Score: [196] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47428541 ---------------------------------------- πŸ”– Title: Snowflake AI Escapes Sandbox and Executes Malware πŸ”— URL: https://www.promptarmor.com/resources/snowflake-ai-escapes-sandbox-and-executes-malware πŸ‘ Score: [179] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47427017 ---------------------------------------- πŸ”– Title: OpenRocket πŸ”— URL: https://openrocket.info/ πŸ‘ Score: [164] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47386703 ---------------------------------------- πŸ”– Title: Show HN: Hacker News archive (47M+ items, 11.6GB) as Parquet, updated every 5m πŸ”— URL: https://huggingface.co/datasets/open-index/hacker-news πŸ‘ Score: [148] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47378781 ---------------------------------------- πŸ”– Title: Nvidia NemoClaw πŸ”— URL: https://github.com/NVIDIA/NemoClaw πŸ‘ Score: [138] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47427027 ---------------------------------------- πŸ”– Title: Celebrating Tony Hoare's mark on computer science πŸ”— URL: https://bertrandmeyer.com/2026/03/16/celebrating-tony-hoares-mark-on-computer-science/ πŸ‘ Score: [108] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47422228 ---------------------------------------- πŸ”– Title: Machine Payments Protocol (MPP) πŸ”— URL: https://stripe.com/blog/machine-payments-protocol πŸ‘ Score: [98] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47426936 ---------------------------------------- πŸ”– Title: Using calculus to do number theory πŸ”— URL: https://hidden-phenomena.com/articles/hensels πŸ‘ Score: [78] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47399330 ---------------------------------------- πŸ”– Title: Google Engineers Launch "Sashiko" for Agentic AI Code Review of the Linux Kernel πŸ”— URL: https://www.phoronix.com/news/Sashiko-Linux-AI-Code-Review πŸ‘ Score: [62] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47427647 ---------------------------------------- πŸ”– Title: Wander – A tiny, decentralised tool (just 2 files) to explore the small web πŸ”— URL: https://susam.net/wander/ πŸ‘ Score: [56] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47427290 ---------------------------------------- πŸ”– Title: A ngrok-style secure tunnel server written in Rust and Open Source πŸ”— URL: https://github.com/joaoh82/rustunnel πŸ‘ Score: [50] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47425918 ---------------------------------------- πŸ”– Title: 2025 Turing award given for quantum information science πŸ”— URL: https://awards.acm.org/about/2025-turing πŸ‘ Score: [48] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47423694 ---------------------------------------- πŸ”– Title: Wanter – A tiny, decentralised tool to explore the small web πŸ”— URL: https://susam.net/wander/ πŸ‘ Score: [44] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47422759 ---------------------------------------- πŸ”– Title: CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root πŸ”— URL: https://blog.qualys.com/vulnerabilities-threat-research/2026/03/17/cve-2026-3888-important-snap-flaw-enables-local-privilege-escalation-to-root πŸ‘ Score: [33] πŸ’¬ Discussion: https://news.ycombinator.com/item?id=47427208 ----------------------------------------

View original post
Claudio C
Claudio C
@cktodon
Mar 18, 2026

CVE-2026-3888 en #Ubuntu: escalada a root aprovechando snap-confine y la limpieza de systemd-tmpfiles https://unaaldia.hispasec.com/2026/03/cve-2026-3888-en-ubuntu-escalada-a-root-aprovechando-snap-confine-y-la-limpieza-de-systemd-tmpfiles.html?utm_source=rss&amp

View original post
HackerWorkspace
HackerWorkspace
@hackerworkspace
Mar 18, 2026

Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit https://thehackernews.com/2026/03/ubuntu-cve-2026-3888-bug-lets-attackers.html Short summary: https://hackerworkspace.com/article/ubuntu-cve-2026-3888-bug-lets-attackers-gain-root-via-systemd-cleanup-timing-exploit #cybersecurity #vulnerability #exploit

View original post
Domdel AKA Data
Domdel AKA Data
@domdel
Mar 18, 2026

Alerte pour les bubuntuistes: https://thehackernews.com/2026/03/ubuntu-cve-2026-3888-bug-lets-attackers.html

View original post
Masto.kukei.eu
Masto.kukei.eu
@mastokukei
Mar 18, 2026

iOS/iPadOS 26.4 RC, GNOME 50 β€œTokyo,” and FFmpeg 8.1. - Linux security flaws (CVE-2026-3888) and open-source alternatives (e.g., Ageless Linux). 5. **Hardware & Gadgets** - Samsung Galaxy Z TriFold discontinuation, BYD’s 1,500km solid-state battery, and Tesla Cybertruck safety concerns. - Framework 16” laptop issues and retro computing (e.g., Commodore 64). [3/3]

View original post
The Threat Codex
The Threat Codex
@threatcodex
Mar 18, 2026

CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root #CVE_2026_3888 https://blog.qualys.com/vulnerabilities-threat-research/2026/03/17/cve-2026-3888-important-snap-flaw-enables-local-privilege-escalation-to-root

View original post
π”Έπ•Ÿπ• π•Ÿπ•ͺπ•žπ• π•¦π•€ :verified:
π”Έπ•Ÿπ• π•Ÿπ•ͺπ•žπ• π•¦π•€ :verified:
@youranonnewsirc
Mar 18, 2026

Global tensions heighten as the US-Iran conflict escalates, impacting oil markets via the Strait of Hormuz (March 18). Technology sees continued rapid AI advancement, with OpenAI's GPT-5.4 and Anthropic's Claude Sonnet 4.6 released (March 17). In cybersecurity, the EU sanctioned private cyber offensive groups (March 17), and a critical Ubuntu privilege escalation flaw (CVE-2026-3888) was discovered (March 18). AI-driven threats also increasingly impact M&A security. #Geopolitics #Cybersecurity #AINews

View original post
Sam Bowne :donor:
Sam Bowne :donor:
@sambowne
Mar 18, 2026

Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit https://thehackernews.com/2026/03/ubuntu-cve-2026-3888-bug-lets-attackers.html

View original post
TechNadu
TechNadu
@technadu
Mar 18, 2026

Critical Ubuntu flaw (CVE-2026-3888) enables local root escalation via Snap. Delayed exploit (10–30 days) makes detection harder. Patch snapd immediately. https://www.technadu.com/critical-cve-2026-3888-vulnerability-exposes-ubuntu-to-root-escalation/623670/ #Cybersecurity #Linux #Ubuntu

View original post
Patrick C Miller :donor:
Patrick C Miller :donor:
@patrickcmiller
Mar 18, 2026

CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit https://securityaffairs.com/189614/security/cve-2026-3888-ubuntu-desktop-24-04-vulnerable-to-root-exploit.html

View original post
nico
nico
@n
Mar 18, 2026

[lien] https://www.it-connect.fr/cve-2026-3888-quand-le-nettoyage-systeme-dubuntu-offre-un-acces-root/ #security #gik #deb #wtf

View original post
benzogaga33 :verified:
benzogaga33 :verified:
@benzogaga33
Mar 18, 2026

CVE-2026-3888 : quand le nettoyage systΓ¨me d’Ubuntu offre un accΓ¨s root https://www.it-connect.fr/cve-2026-3888-quand-le-nettoyage-systeme-dubuntu-offre-un-acces-root/ #ActuCybersΓ©curitΓ© #CybersΓ©curitΓ© #VulnΓ©rabilitΓ© #Linux

View original post
π•šπ•’π•žπ••π•₯π•žπ•€
π•šπ•’π•žπ••π•₯π•žπ•€
@iamdtms
Mar 18, 2026

Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit https://thehackernews.com/2026/03/ubuntu-cve-2026-3888-bug-lets-attackers.html

View original post
HackerWorkspace
HackerWorkspace
@hackerworkspace
Mar 18, 2026

Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit https://thehackernews.com/2026/03/ubuntu-cve-2026-3888-bug-lets-attackers.html Short summary: https://hackerworkspace.com/article/ubuntu-cve-2026-3888-bug-lets-attackers-gain-root-via-systemd-cleanup-timing-exploit #cybersecurity #vulnerability #exploit

View original post
The Threat Codex
The Threat Codex
@threatcodex
Mar 18, 2026

CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root #CVE_2026_3888 https://blog.qualys.com/vulnerabilities-threat-research/2026/03/17/cve-2026-3888-important-snap-flaw-enables-local-privilege-escalation-to-root

View original post
π”Έπ•Ÿπ• π•Ÿπ•ͺπ•žπ• π•¦π•€ :verified:
π”Έπ•Ÿπ• π•Ÿπ•ͺπ•žπ• π•¦π•€ :verified:
@youranonnewsirc
Mar 18, 2026

Global tensions heighten as the US-Iran conflict escalates, impacting oil markets via the Strait of Hormuz (March 18). Technology sees continued rapid AI advancement, with OpenAI's GPT-5.4 and Anthropic's Claude Sonnet 4.6 released (March 17). In cybersecurity, the EU sanctioned private cyber offensive groups (March 17), and a critical Ubuntu privilege escalation flaw (CVE-2026-3888) was discovered (March 18). AI-driven threats also increasingly impact M&A security. #Geopolitics #Cybersecurity #AINews

View original post
Sam Bowne :donor:
Sam Bowne :donor:
@sambowne
Mar 18, 2026

Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit https://thehackernews.com/2026/03/ubuntu-cve-2026-3888-bug-lets-attackers.html

View original post
TechNadu
TechNadu
@technadu
Mar 18, 2026

Critical Ubuntu flaw (CVE-2026-3888) enables local root escalation via Snap. Delayed exploit (10–30 days) makes detection harder. Patch snapd immediately. https://www.technadu.com/critical-cve-2026-3888-vulnerability-exposes-ubuntu-to-root-escalation/623670/ #Cybersecurity #Linux #Ubuntu

View original post
Patrick C Miller :donor:
Patrick C Miller :donor:
@patrickcmiller
Mar 18, 2026

CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit https://securityaffairs.com/189614/security/cve-2026-3888-ubuntu-desktop-24-04-vulnerable-to-root-exploit.html

View original post
benzogaga33 :verified:
benzogaga33 :verified:
@benzogaga33
Mar 18, 2026

CVE-2026-3888 : quand le nettoyage systΓ¨me d’Ubuntu offre un accΓ¨s root https://www.it-connect.fr/cve-2026-3888-quand-le-nettoyage-systeme-dubuntu-offre-un-acces-root/ #ActuCybersΓ©curitΓ© #CybersΓ©curitΓ© #VulnΓ©rabilitΓ© #Linux

View original post
TheHackerWire
TheHackerWire
@thehackerwire
Mar 17, 2026

🟠 CVE-2026-3888 - High (7.8) Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LT... πŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-3888/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

GitHub Repositories(1 repo)

Related Resources

Details

CVE ID
CVE-2026-3888
Severity
High
CVSS Score
7.8
Type
broken_access_control
Status
unconfirmed
EPSS
0.6%
Social Posts
21

CWE

  • CWE-268

CVSS Metrics

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS Score

0.6%Probability of exploitation in the next 30 days