CVE-2026-31635 (DirtyDecrypt) is a local privilege escalation vulnerability in the Linux kernel’s rxgk module affecting Fedora, Arch Linux, and openSUSE Tumbleweed systems compiled with CONFIG_RXGK enabled. A public proof-of-concept is available following the upstream patch release on April 25, 2026. The vulnerability’s proximity to the KEV-listed ‘Copy Fail’ flaw in the same Linux kernel privilege escalation cluster elevates urgency beyond what EPSS scores alone would suggest.