CVE Vulnerabilities

CVE-2026-13601

Protection Mechanism Failure

Published: Jun 29, 2026 | Modified: Jul 08, 2026
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
7.1 IMPORTANT
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Ubuntu
MEDIUM
root.io logo minimus.io logo echo.ai logo

A flaw was found in Yelp due to an overly permissive Content Security Policy (CSP) implementation provided by yelp-xsl. A malicious Flatpak application can open crafted help content through the OpenURI portal. By embedding an untrusted CSS stylesheet within a structured SVG document, attacker-controlled content can bypass Flatpaks intended sandbox isolation, allowing Yelp to evaluate local XML inclusions and disclose arbitrary user-readable host files through remote CSS resource requests. This may result in the unauthorized disclosure of sensitive information.

Weakness

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

Affected Software

NameVendorStart VersionEnd Version
Enterprise_linuxRedhat6.0 (including)6.0 (including)
Enterprise_linuxRedhat7.0 (including)7.0 (including)
Enterprise_linuxRedhat8.0 (including)8.0 (including)
Enterprise_linuxRedhat9.0 (including)9.0 (including)
YelpUbuntuesm-infra-legacy/xenial*
YelpUbuntuesm-infra/bionic*
YelpUbuntuesm-infra/focal*
YelpUbuntujammy*
YelpUbuntunoble*
YelpUbuntuquesting*
YelpUbunturesolute*
YelpUbuntuupstream*

References