PatchSiren cyber security CVE debrief
CVE-2026-6369 Canonical CVE debrief
CVE-2026-6369 is an improper access control vulnerability in the canonical-livepatch snap client prior to version 10.15.0. This vulnerability allows a local unprivileged user to obtain a sensitive, root-level authentication token by sending an unauthenticated request to the livepatchd.sock Unix domain socket. This token allows an attacker to access Livepatch services using the victim's credentials, as well as potentially cause issues to the Livepatch server. The vulnerability is exploitable on systems where an administrator has already enabled the Livepatch client with a valid Ubuntu Pro subscription.
- Vendor: Canonical
- Product: Livepatch Client
- CVSS: MEDIUM 5.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-04-20
- Original CVE updated: 2026-06-05
- Advisory published: 2026-04-20
- Advisory updated: 2026-06-05
Who should care
Administrators and users of Canonical Livepatch Client, especially those with Ubuntu Pro subscriptions.
Technical summary
The vulnerability has a CVSS score of 5.7 and is classified as MEDIUM severity. It was published on [2026-04-20T14:16:22.380Z](https://www.cve.org/CVERecord?id=CVE-2026-6369) and modified on [2026-06-05T18:36:15.520Z](https://nvd.nist.gov/vuln/detail/CVE-2026-6369). The vulnerability is caused by improper access control in the canonical-livepatch snap client, which allows a local unprivileged user to obtain a sensitive, root-level authentication token.
Defensive priority
MEDIUM
Recommended defensive actions
- Update the canonical-livepatch snap client to version 10.15.0 or later.
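- On systems still running a vulnerable version, ensure that the Livepatch client is not enabled with a valid Ubuntu Pro subscription, since the vulnerability is exploitable only where the client has been enabled.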
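The following is an added example, not Canonical's tooling and not part of the advisory: a shell check that reads `snap list` output and reports whether the canonical-livepatch snap is older than the fixed 10.15.0 release. The function names and the sample output are constructed for illustration, and `sort -V` from GNU coreutils is assumed.

```shell
#!/bin/sh
# Added example (not Canonical's tooling): decide from `snap list` output
# whether the canonical-livepatch snap predates the fixed release.
FIXED_VERSION="10.15.0"   # first fixed version, as stated on this page

# Constructed sample of `snap list canonical-livepatch` output; the version,
# revision and channel values are made up for illustration.
SAMPLE_SNAP_LIST='Name                 Version  Rev  Tracking       Publisher   Notes
canonical-livepatch  10.9.3   999  latest/stable  canonical   -'

# Read `snap list` output on stdin, print the Version column of the
# canonical-livepatch row (empty when the snap is not installed).
livepatch_version() {
    awk '$1 == "canonical-livepatch" { print $2; exit }'
}

# version_lt A B: true when A is strictly older than B. sort -V (GNU
# coreutils) compares numeric components, so 10.9.3 < 10.15.0; a plain
# string comparison would get that pair wrong.
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# Read `snap list` output on stdin and print one of:
#   not-installed | vulnerable <version> | fixed <version>
classify_livepatch() {
    lp_ver=$(livepatch_version)
    if [ -z "$lp_ver" ]; then
        echo "not-installed"
    elif version_lt "$lp_ver" "$FIXED_VERSION"; then
        echo "vulnerable $lp_ver"
    else
        echo "fixed $lp_ver"
    fi
}

# Demo on the constructed sample, then on the live host when snap exists.
printf '%s\n' "$SAMPLE_SNAP_LIST" | classify_livepatch   # vulnerable 10.9.3
if command -v snap >/dev/null 2>&1; then
    snap list canonical-livepatch 2>/dev/null | classify_livepatch
fi
```

A host reported as vulnerable can be brought to the current release with `snap refresh canonical-livepatch`.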
Evidence notes
The vulnerability is documented in the CVE record [cve-org](https://www.cve.org/CVERecord?id=CVE-2026-6369) and the NVD detail [nvd](https://nvd.nist.gov/vuln/detail/CVE-2026-6369). A vendor advisory is available at [ref-4](https://discourse.ubuntu.com/t/security-notice-canonical-livepatch-client-snap-vulnerability/80662).
Official resources
- CVE-2026-6369 CVE record (CVE.org)
- CVE-2026-6369 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference ([email protected] - Vendor Advisory, Mitigation)
CVE-2026-6369 was published on 2026-04-20T14:16:22.380Z and modified on 2026-06-05T18:36:15.520Z.