Deskflow: Local privilege escalation via unauthenticated IPC_CVE-2026-41477

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

Deskflow is a keyboard and mouse sharing app. In 1.20.0, 1.26.0.134, and earlier, Deskflow daemon runs as SYSTEM and exposes an IPC named pipe with WorldAccessOption enabled. The daemon processes privileged commands without authentication, allowing any local unprivileged user to execute arbitrary commands as SYSTEM. Affects both stable v1.20.0 + and Continuous v1.26.0.134 prerelease.

Basic Information

ID CVE-2026-41477

Source GitHub_M

Published Apr 24, 2026 at 19:50

Affected Product

Vendor deskflow

Product deskflow

Version <= 1.26.0.134

Affected Versions deskflow deskflow <= 1.26.0.134
deskflow deskflow <= 1.20.0

CWE Classification

CWE-306 CWE-862

References

github.com /deskflow/deskflow/security/advisories/GHSA-6rx5-g478-775c

{
    "lastseen": "",
    "description": "Deskflow is a keyboard and mouse sharing app.  In 1.20.0, 1.26.0.134, and earlier, Deskflow daemon runs as SYSTEM and exposes an IPC named pipe with WorldAccessOption enabled. The daemon processes privileged commands without authentication, allowing any local unprivileged user to execute arbitrary commands as SYSTEM. Affects both stable v1.20.0 + and Continuous v1.26.0.134 prerelease.",
    "published": "2026-04-24T19:50:21.665Z",
    "modified": "2026-04-24T19:50:21.665Z",
    "type": "cve",
    "title": "Deskflow: Local privilege escalation via unauthenticated IPC",
    "source": "GitHub_M",
    "references": "https://github.com/deskflow/deskflow/security/advisories/GHSA-6rx5-g478-775c",
    "id": "CVE-2026-41477",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306",
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "deskflow deskflow <= 1.26.0.134\ndeskflow deskflow <= 1.20.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "deskflow",
    "version": "<= 1.26.0.134",
    "vendor": "deskflow",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}