Flatpak 1.16.4 fixes sandbox escape and three other security flaws

Flatpak, a Linux application sandboxing and distribution framework, released version 1.16.4, patching four security vulnerabilities.

The most severe fix addresses a complete sandbox escape that leads to host file access and code execution in the host context, tracked as CVE-2026-34078.
File system exposure

Two additional fixes address file system exposure on the host. CVE-2026-34079 prevents arbitrary file deletion on the host filesystem. GHSA-2fxp-43j9-pwvc prevents arbitrary read-access to files in the system-helper context.

The fourth fix, tracked as GHSA-89xm-3m96-w3jg, prevents orphaning of cross-user pull operations.

The release is available on the Flatpak GitHub repository. Administrators running Flatpak should update to 1.16.4.