{"uuid": "7bbce898-2128-4f5c-9910-28a649de07a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46529", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/116625967773895498", "content": "This evince (and friends) command injection is sort of neat.\nThere seems to be some agreement that it's CVE-2026-46529, except CVE-2026-46529 doesn't actually exist.\nThe advisory isn't clear what distros are affected, and it took a couple of attempts to find an environment where the default exploit works.  But here's a screen recording of it working on OpenSUSE.  You click anywhere in a PDF and you get arbitrary command execution.\nAlso slightly odd is that the writeup in GitHub states that evince <48.1 is affected, but my screen recording clearly indicates that 48.1 IS affected.", "creation_timestamp": "2026-05-23T21:17:23.580090Z"}