CVE-2026-47128: nono: Sandbox escape on Linux via D-Bus: `systemd-run --user`
The nono Landlock/seccomp policies allow access to local Unix domain sockets (both filesystem-path and abstract). This allows an easy sandbox escape by talking to the per-user systemd D-Bus socket.
Threat scenario: Running Aider, Claude Code, OpenCode or similar tools with an “allow bash” policy so that the agent can invoke arbitrary host tools such as make, gcc, etc. to write code.
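The policy gap above is that a sandboxed process can still connect() to the user's session bus. The script below is an added audit helper, not nono's code and not part of the advisory: run it inside the sandbox to check whether the candidate socket addresses are reachable. It assumes the systemd default location `$XDG_RUNTIME_DIR/bus` and the standard `DBUS_SESSION_BUS_ADDRESS` format (`unix:path=...` or `unix:abstract=...`); any address reported as reachable means the policy still permits the path described in this advisory.

```python
"""Audit helper (added example, not nono's code): does the current process
reach the per-user D-Bus/systemd socket?  Exit status 1 if any candidate
socket is reachable, 0 if every connect() is refused or blocked."""
import os
import socket


def parse_dbus_address(spec):
    """Parse a D-Bus address string such as 'unix:path=/run/user/1000/bus'
    or 'unix:abstract=/tmp/dbus-abc,guid=...'; several entries may be joined
    by ';'.  Returns AF_UNIX addresses: str for filesystem paths, bytes with
    a leading NUL for abstract names.  Non-unix transports are skipped."""
    addresses = []
    for entry in spec.split(";"):
        entry = entry.strip()
        if not entry.startswith("unix:"):
            continue
        params = {}
        for kv in entry[len("unix:"):].split(","):
            if "=" in kv:
                key, value = kv.split("=", 1)
                params[key] = value
        if "path" in params:
            addresses.append(params["path"])
        elif "abstract" in params:
            addresses.append(b"\0" + params["abstract"].encode())
    return addresses


def candidate_bus_sockets(environ=None):
    """Sockets a sandboxed process could use to reach the user's systemd/D-Bus:
    whatever DBUS_SESSION_BUS_ADDRESS names, plus the systemd default
    $XDG_RUNTIME_DIR/bus (assumed default).  Order kept, duplicates removed."""
    env = os.environ if environ is None else environ
    found = []
    if env.get("DBUS_SESSION_BUS_ADDRESS"):
        found.extend(parse_dbus_address(env["DBUS_SESSION_BUS_ADDRESS"]))
    if env.get("XDG_RUNTIME_DIR"):
        found.append(os.path.join(env["XDG_RUNTIME_DIR"], "bus"))
    seen, unique = set(), []
    for addr in found:
        if addr not in seen:
            seen.add(addr)
            unique.append(addr)
    return unique


def probe_unix_socket(address, timeout=0.5):
    """True if connect() to this AF_UNIX address succeeds, i.e. the sandbox
    policy did not stop it.  Any OSError (ENOENT, ECONNREFUSED, EACCES,
    EPERM from seccomp/Landlock) counts as not reachable."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.connect(address)
            return True
        except OSError:
            return False


def audit(addresses):
    """Map each address to its reachability; any True is a policy gap."""
    return {addr: probe_unix_socket(addr) for addr in addresses}


if __name__ == "__main__":
    results = audit(candidate_bus_sockets())
    for addr, reachable in results.items():
        shown = addr if isinstance(addr, str) else "@" + addr[1:].decode()
        print(f"{'REACHABLE' if reachable else 'blocked  '} {shown}")
    raise SystemExit(1 if any(results.values()) else 0)
```

Run it as the sandboxed command (for example as the "bash" tool of the agent) rather than from the host shell; a non-zero exit means the sandbox profile needs to deny Unix-socket connects to the session bus before an "allow bash" policy is safe to use.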