Security researchers have uncovered a critical vulnerability (CVE-2025-3155) in Ubuntu’s default help browser Yelp that could expose sensitive system files including SSH private keys.
The flaw impacts Ubuntu desktop installations and stems from improper handling of XML content in GNOME’s help documentation system.
https://gbhackers.com/yelp-vulnerability-on-ubuntu/