Tails 7.6.2 shipped today as an out-of-cycle update to fix a critical security vulnerability in the sandbox confinement that protects Tor Browser.

The issue lives in Flatpak, the containerization and sandboxing system Tails relies on to isolate applications. The previous version contained CVE-2026-34078, a critical flaw (CVSS 9.3) discovered by Codean Labs and patched in Flatpak 1.16.4 roughly a week earlier. Tails 7.6.2 updates Flatpak to version 1.16.6, which includes the original fix plus additional corrections for regressions that came with it.

How the vulnerability works

Flatpak’s portal accepted file paths in sandbox-expose options that could be symlinks controlled by an application, pointing to arbitrary locations on the actual filesystem. Flatpak would then mount the resolved path inside the sandbox, effectively granting the app full access to host files.

For Tails users, this meant an attacker could potentially break out of Tor Browser’s confinement and read any file accessible without admin credentials, including those in persistent storage. There’s a catch though: exploiting this required the attacker to have already compromised Tor Browser through a separate vulnerability.

How to update

Automatic updates are available for anyone running Tails 7.0 or later. If automatic updates fail or you hit issues after updating, follow the manual upgrade instructions.

For fresh installs, both USB and ISO images for DVD and virtual machines are available from the official Tails website.