Astra Linux - уязвимость в nano

A vulnerability was discovered in GNU Nano, which allows for potential privilege escalation through an insecure temporary file. If Nano is terminated while editing, a file that it saves to an emergency file, with permissions set to those of the running user, creates an opportunity for attackers t...

DEBIAN-CVE-2026-40556

Bulletin has no description...

CVE-2026-40556

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-40556

Removed by vendor...

EUVD-2026-26053

GNU nano creates the user’s /.local directory with overly permissive permissions when the directory does not exist yet. On first use of features requiring Cross-Desktop Group XDG data storage, nano explicitly requests directory mode 0777, making the directory world‑writable in environments where...

CVE-2026-40556

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

GNU nano 安全漏洞

GNU nano is a lightweight terminal text editor from the GNU community in the United States. Versions of GNU nano prior to 9.0 contained security vulnerabilities. These vulnerabilities stemmed from overly permissive permissions when creating the user’s /.local directory. This could allow local...

EUVD-2010-1190

Malware in sbrugna...

EUVD-2010-1191

Malware in sbrugna...

EUVD-2024-47130

Malicious code in bioql PyPI...

TencentOS Server 4: nano (TSSA-2024:0262)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0262 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 3: nano (TSSA-2024:0518)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0518 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Alibaba Cloud Linux 3 : 0228: nano (ALINUX3-SA-2024:0228)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0228 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-5742: A vulnerability was found in GNU Nan...

RLSA-2024:9430 Low: nano security update

GNU nano is a small and friendly text editor. Security Fixes: nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742 For more details about the security issues, including the impact, a CVSS scor...

Linux Distros Unpatched Vulnerability : CVE-2010-1160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file- save operation, which allows local user-assisted...

Linux Distros Unpatched Vulnerability : CVE-2010-1161

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.8.1.6)

The version of AOS installed on the remote host is prior to 6.8.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.8.1.6 advisory. - An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSiz...

nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

nano security update

An update is available for nano. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GNU nano is a small and friendly text editor. Security Fixes: nano: running chmo...

RLSA-2024:6986 Low: nano security update

GNU nano is a small and friendly text editor. Security Fixes: nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742 For more details about the security issues, including the impact, a CVSS scor...