A new vulnerability known as Pack2TheRoot has been discovered in the PackageKit daemon, allowing local Linux users to gain root access and install or remove system packages without authentication. Identified as CVE-2026-41651 with a severity rating of 8.8, it has existed for nearly 12 years, affecting various Linux distributions, and users are urged to upgrade to PackageKit version 1.3.5 to mitigate the risk.
The most actionable insight for you is the discovery of the high-severity "Pack2TheRoot" vulnerability (CVE-2026-41651) in the PackageKit daemon, which could allow local Linux users to gain root access. As a professional in cybersecurity, ensure that all systems using PackageKit are immediately updated to version 1.3.5 to mitigate this risk. Additionally, verify if the PackageKit daemon is running on your systems using commands like `systemctl status packagekit` to assess potential exposure.