CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 5 days ago•5 views

CVE-2026-8784

A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function changefilestatus of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named...

4.6CVSS5.1AI score0.00027EPSS

NVD•added 2026/05/18 4:16 a.m.•8 views

CVE-2026-8784

4.6CVSS0.00027EPSS

Vulnrichment•added 2026/05/18 2:30 a.m.•6 views

CVE-2026-8784 npitre cramfs-tools cramfsck.c change_file_status symlink

ATTACKERKB•added 2026/05/18 2:30 a.m.•7 views

CVE-2026-8784

Exploits0References7Affected Software1

EUVD•added 2026/05/18 2:30 a.m.•8 views

EUVD-2026-30728

Cvelist•added 2026/05/18 2:30 a.m.•31 views

CVE-2026-8784 npitre cramfs-tools cramfsck.c change_file_status symlink

4.6CVSS0.00027EPSS

CVE•added 2026/05/18 2:30 a.m.•12 views

CVE-2026-8784

Technical details are not publicly available in the provided documents. Monitor for updates.

CNNVD•added 2026/05/18 12:0 a.m.•11 views

cramfs-tools 后置链接漏洞

cramfs-tools is a compression read-only file system tool developed by Nicolas Pitre. Versions of cramfs-tools prior to 2.2 had a post-installation link vulnerability. This vulnerability stemmed from the operation of the changefilestatus function in the cramfsck.c file, which allowed symbolic link...

4.6CVSS5.8AI score0.00027EPSS

Positive Technologies•added 2026/05/18 12:0 a.m.•8 views

PT-2026-41632

A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function change file status of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named...

SUSE CVE•added 2026/05/11 2:16 p.m.•5 views

SUSE CVE-2026-8274

5.3CVSS5.3AI score0.00009EPSS

Exploits0References3

EUVD•added 2026/05/11 6:31 a.m.•7 views

EUVD-2026-29032

5.3CVSS5.3AI score0.00009EPSS

Exploits0References9

NVD•added 2026/05/11 5:16 a.m.•9 views

CVE-2026-8274

5.3CVSS0.00009EPSS

Cvelist•added 2026/05/11 4:45 a.m.•34 views

CVE-2026-8274 npitre cramfs-tools Directory cramfsck.c do_directory path traversal

5.3CVSS0.00009EPSS

ATTACKERKB•added 2026/05/11 4:45 a.m.•8 views

CVE-2026-8274

Exploits0References8Affected Software1

Vulnrichment•added 2026/05/11 4:45 a.m.•6 views

CVE-2026-8274 npitre cramfs-tools Directory cramfsck.c do_directory path traversal

CVE•added 2026/05/11 4:45 a.m.•17 views

CVE-2026-8274

CVE-2026-8274 affects npitre cramfs-tools up to version 2.1. The vulnerability is in the Directory Handler’s cramfsck.c do_directory function and enables local path traversal. Exploitation requires local access; the vulnerability is disclosed publicly. A fix is available in version 2.2, with patc...

CNNVD•added 2026/05/11 12:0 a.m.•6 views

cramfs-tools 路径遍历漏洞

cramfs-tools is a compression read-only file system tool developed by Nicolas Pitre. Versions of cramfs-tools 2.1 and earlier contained a path traversal vulnerability, which originated from a function in the Directory Handler component called dodirectory in the cramfsck.c file, which allowed for...

5.3CVSS6AI score0.00009EPSS

Positive Technologies•added 2026/05/11 12:0 a.m.•8 views

PT-2026-39573

A security vulnerability has been detected in npitre cramfs-tools up to 2.1. Affected is the function do directory of the file cramfsck.c of the component Directory Handler. Such manipulation leads to path traversal. The attack can only be performed from a local environment. The exploit has been...