
CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root

ID: f46e2608-1c11-5fb3-bf99-d8453b596c33

STIX ID: report--f46e2608-1c11-5fb3-bf99-d8453b596c33

Feed Name: Qualys Blog

Threat Score: 75/100

Date Published: 2026-03-17

Date Updated: 2026-04-28

Author: Saeed Abbasi


**Executive Summary:** Qualys Threat Research Unit disclosed CVE-2026-3888, a high-severity local privilege escalation in snap-confine combined with systemd-tmpfiles on Ubuntu Desktop (default installs of 24.04 and later). It can allow an unprivileged user to gain root by exploiting a time-based /tmp cleanup window. The report lists affected snapd versions and patched releases and recommends upgrading immediately. It also notes a separately discovered race condition in the uutils coreutils 'rm' utility that was mitigated before the Ubuntu 25.10 release.
