GCVE - cpe:2.3:a:https://github.com/shadowblip:inputplumber:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:https://github.com/shadowblip:inputplumber:*:*:*:*:*:*:*:*

part: a version: inputplumber update: *

Vendor	Https (`d7181f43-5065-54de-83f7-090f042665aa`)
Product	//Github.Com/Shadowblip (`75e02285-7d2a-50fb-8354-28f8ac2ec1fa`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-66005`	vulnerable	2026-06-03 15:09:40.758387	Lack of Authentication in the InputManager D-Bus interface Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session. Published: 2026-01-14T11:53:49.844Z Updated: 2026-01-14T15:46:07.870Z Open on db.gcve.eu Reference links https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-66005 https://security.opensuse.org/2026/01/09/inputplumber-lack-of-dbus-auth.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-14338`	vulnerable	2026-06-03 14:58:55.176564	Polkit authentication dis isabled by default in inputplumber Polkit authentication dis isabled by default and a race condition in the Polkit authorization check in versions before v0.69.0 can lead to the same issues as in CVE-2025-66005. Published: 2026-01-14T11:55:31.845Z Updated: 2026-01-14T14:53:44.027Z Open on db.gcve.eu Reference links https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-14338 https://security.opensuse.org/2026/01/09/inputplumber-lack-of-dbus-auth.html	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.