CVE-2026-35343

The issue (CVE-2026-35343) affects the uutils coreutils cut utility. When using -s with a newline delimiter, the code path in cut_fields_newline_char_delim does not verify the only_delimited flag, causing non-delimited lines to be emitted instead of suppressed. This is documented as a vulnerabili...

CVE-2026-35343 uutils coreutils cut Inconsistent Output Suppression with Newline Delimiters

The cut utility in uutils coreutils incorrectly handles the -s only-delimited option when a newline character is specified as the delimiter. The implementation fails to verify the onlydelimited flag in the cutfieldsnewlinechardelim function, causing the utility to print non-delimited lines that...

CVE-2026-35343

The cut utility in uutils coreutils incorrectly handles the -s only-delimited option when a newline character is specified as the delimiter. The implementation fails to verify the onlydelimited flag in the cutfieldsnewlinechardelim function, causing the utility to print non-delimited lines that...

PT-2026-34517

A logic error in the cut utility of uutils coreutils causes the utility to ignore the -s only-delimited flag when using the -z null-terminated and -d '' empty delimiter options together. The implementation incorrectly routes this specific combination through a specialized newline-delimiter code...

PT-2026-34516

A logic error in the cut utility of uutils coreutils causes the program to incorrectly interpret the literal two-byte string '' two single quotes as an empty delimiter. The implementation mistakenly maps this string to the NUL character for both the -d delimiter and --output-delimiter options. Th...