•  CVE-2026-3888

- This vulnerability is related remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8102-1 advisory.
- Qualys discovered that snapd incorrectly handled certain operations in the snap's private /tmp directory.
- If systemd-tmpfiles is enabled to automatically clean up this directory, a local attacker could possibly     use this issue to re-create the deleted directory, resulting in privilege escalation.
- Reference: https://ubuntu.com/security/notices/USN-8102-1

VMware NSX

• VMware By Broadcom is aware of CVE-2026-3888.
• Please refer to the release notes for existing and forthcoming product releases for any updates in relation to this CVE.
• Should you require further information please contact Broadcom Support Portal: support.broadcom.com