CVE-2026-47333

High · Updated

Published: 28 May 2026

Modified: 17 June 2026
KEV Added
Patch
CVSS Score v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0011 (1.4th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-47333 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Canonical Ubuntu Linux. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE is ranked at the 1.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

Vulnerability details

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1068 · Exploitation for Privilege Escalation · Tactic: Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1685 · Disable or Modify Tools · Tactic: Defense Impairment
Adversaries may disable, degrade, or tamper with security tools or applications (e.
Why these techniques?

A local out-of-bounds read in the AppArmor policy engine enables privilege escalation (T1068) and impairment of security tooling (T1562.001) via policy bypass or invalid data processing.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-3888 · Same product: Canonical Ubuntu Linux
CVE-2026-47331 · Same product: Canonical Ubuntu Linux
CVE-2025-33208 · Same product: Canonical Ubuntu Linux
CVE-2026-34179 · Same vendor: Canonical
CVE-2026-34178 · Same vendor: Canonical
CVE-2026-32693 · Same vendor: Canonical
CVE-2026-32692 · Same vendor: Canonical
CVE-2026-34177 · Same vendor: Canonical
CVE-2022-1736 · Same product: Canonical Ubuntu Linux
CVE-2024-6107 · Same vendor: Canonical

Affected Assets

canonical
ubuntu linux
24.04, 25.10, 26.04

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.