CVE-2026-47333
Published: 28 May 2026
Summary
CVE-2026-47333 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Canonical Ubuntu Linux. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 1.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-32988
Vulnerability details
Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches that can incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A local out-of-bounds read in the AppArmor policy engine enables privilege escalation (T1068) and impairing security tooling (T1562.001) via policy bypass or invalid data processing.
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.