Lucene search
+L

17 matches found

EUVD
EUVD
added 2026/07/06 8:17 p.m.7 views

EUVD-2026-24979

comm: FIFO/pipe inputs are drained before comparison data loss / hang...

4.4CVSS5.9AI score0.00135EPSS
Exploits0References5
OSV
OSV
added 2026/04/22 6:31 p.m.10 views

GHSA-RX8H-33GR-VHJ9 Duplicate Advisory: uutils coreutils' comm utility incorrectly consumes data from non-regular file inputs before performing comparison operations

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3wfc-mgpm-9rq6. This link is maintained to preserve external references. Original Description The comm utility in uutils coreutils incorrectly consumes data from non-regular file inputs before performing...

4.4CVSS5.9AI score0.00135EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.15 views

Duplicate Advisory: uutils coreutils' comm utility incorrectly consumes data from non-regular file inputs before performing comparison operations

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3wfc-mgpm-9rq6. This link is maintained to preserve external references. Original Description The comm utility in uutils coreutils incorrectly consumes data from non-regular file inputs before performing...

4.4CVSS5.9AI score0.00135EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/04/22 5:16 p.m.6 views

CVE-2026-35347

The comm utility in uutils coreutils incorrectly consumes data from non-regular file inputs before performing comparison operations. The arefilesidentical function opens and reads from both input paths to compare content without first verifying if the paths refer to regular files. If an input pat...

4.4CVSS0.00135EPSS
Exploits0References2
NVD
NVD
added 2026/04/22 5:16 p.m.8 views

CVE-2026-35346

The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::fromutf8lossy, which replaces invalid UTF-8 byte sequences with the Unicode replacement character U+FFFD. This behavior differs from GNU comm, whic...

3.3CVSS0.00176EPSS
Exploits1References3
OSV
OSV
added 2026/04/22 5:16 p.m.6 views

UBUNTU-CVE-2026-35346

The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::fromutf8lossy, which replaces invalid UTF-8 byte sequences with the Unicode replacement character U+FFFD. This behavior differs from GNU comm, whic...

3.3CVSS5.8AI score0.00176EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/04/22 5:16 p.m.12 views

CVE-2026-35347

The comm utility in uutils coreutils incorrectly consumes data from non-regular file inputs before performing comparison operations. The arefilesidentical function opens and reads from both input paths to compare content without first verifying if the paths refer to regular files. If an input pat...

4.4CVSS5.8AI score0.00135EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/04/22 5:16 p.m.10 views

CVE-2026-35346

The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::fromutf8lossy, which replaces invalid UTF-8 byte sequences with the Unicode replacement character U+FFFD. This behavior differs from GNU comm, whic...

3.3CVSS5.8AI score0.00176EPSS
Exploits1References3
OSV
OSV
added 2026/04/22 5:16 p.m.5 views

UBUNTU-CVE-2026-35347

The comm utility in uutils coreutils incorrectly consumes data from non-regular file inputs before performing comparison operations. The arefilesidentical function opens and reads from both input paths to compare content without first verifying if the paths refer to regular files. If an input pat...

4.4CVSS5.8AI score0.00135EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/22 4:7 p.m.31 views

CVE-2026-35347 uutils coreutils comm Silent Data Loss or Denial of Service via Improper Input Validation

The comm utility in uutils coreutils incorrectly consumes data from non-regular file inputs before performing comparison operations. The arefilesidentical function opens and reads from both input paths to compare content without first verifying if the paths refer to regular files. If an input pat...

4.4CVSS0.00135EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/22 4:7 p.m.4 views

CVE-2026-35347

The comm utility in uutils coreutils incorrectly consumes data from non-regular file inputs before performing comparison operations. The arefilesidentical function opens and reads from both input paths to compare content without first verifying if the paths refer to regular files. If an input pat...

4.4CVSS5.7AI score0.00135EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/04/22 4:7 p.m.5 views

CVE-2026-35347

The comm utility in uutils coreutils incorrectly consumes data from non-regular file inputs before performing comparison operations. The arefilesidentical function opens and reads from both input paths to compare content without first verifying if the paths refer to regular files. If an input pat...

4.4CVSS5.3AI score0.00135EPSS
Exploits0
OSV
OSV
added 2026/04/22 4:7 p.m.3 views

CVE-2026-35347 uutils coreutils comm Silent Data Loss or Denial of Service via Improper Input Validation

The comm utility in uutils coreutils incorrectly consumes data from non-regular file inputs before performing comparison operations. The arefilesidentical function opens and reads from both input paths to compare content without first verifying if the paths refer to regular files. If an input pat...

4.4CVSS5.9AI score0.00135EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/04/22 4:7 p.m.5 views

CVE-2026-35346

The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::fromutf8lossy, which replaces invalid UTF-8 byte sequences with the Unicode replacement character U+FFFD. This behavior differs from GNU comm, whic...

3.3CVSS5.3AI score0.00176EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34483

Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description The comm utility incorrectly consumes data from non-regular file inputs before performing comparison operations. The are files identical function opens and reads from both input path...

4.4CVSS6AI score0.00135EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-35346

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses...

3.3CVSS5.8AI score0.00176EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-35347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The comm utility in uutils coreutils incorrectly consumes data from non-regular file inputs before performing comparison operations. The arefilesidentical...

4.4CVSS5.8AI score0.00135EPSS
Exploits0References3
Rows per page
Query Builder