24 matches found
CVE-2026-1386
A flaw was found in the Firecracker jailer component. A local user with write access to pre-created jailer directories could exploit a symbolic link (symlink) following issue. This vulnerability allows the attacker to overwrite arbitrary host files during the jailer's startup initialization process...
SUSE CVE-2026-1386
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...
CVE-2026-1386
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...
CVE-2026-1386
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...
EUVD-2026-4536
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...
CVE-2026-1386 Arbitrary Host File Overwrite via Symlink in Firecracker Jailer
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...
CVE-2026-1386
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...
CVE-2026-1386
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...
CVE-2026-1386 Arbitrary Host File Overwrite via Symlink in Firecracker Jailer
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...
CVE-2026-1386
The CVE-2026-1386 issue affects Firecracker’s jailer component. A local user who has write access to pre-created jailer directories could abuse a UNIX symlink vulnerability during jailer startup to overwrite arbitrary host files when the jailer runs with root privileges. Affected versions include...
PT-2026-4532
Name of the Vulnerable Software and Affected Versions Firecracker versions prior to 1.13.2 and version 1.14.0 Description A flaw exists in the jailer component of Firecracker that could allow a local host user with write access to pre-created jailer directories to overwrite arbitrary host files...
Firecracker security vulnerability
Firecracker is an open source micro virtual machine project developed by firecracker-microvm, designed for serverless computing. Firecracker versions 1.13.1 and earlier, as well as version 1.14.0, have security vulnerabilities. These vulnerabilities stem from issues with UNIX symbolic link handling...
The vulnerability of the OverlayFS component arises from the Firejail jailer’s SUID status. This vulnerability stems from insufficient checks on the state of shared resources. As a result, attackers can gain access to confidential data, compromise its integrity, and even cause service failures.
The vulnerability of the OverlayFS component in Firejail’s SUID mode is related to insufficient checking of the status of shared resources. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...
Debian Security Advisory DSA 1674-1 (jailer)
The remote host is missing an update to jailer announced via advisory DSA 1674-1. OpenVAS Vulnerability Test $Id: deb16741.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1674-1 jailer Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc...
Debian: Security Advisory (DSA-1674-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
jailer symbolic links vulnerability
updatejail insecure temporary files creation...
[SECURITY] [DSA 1674-1] New jailer packages fix denial of service
Debian Security Advisory DSA-1674-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 30, 2008 http://www.debian.org/security/faq -...
Debian DSA-1674-1 : jailer - insecure temp file generation
Javier Fernandez-Sanguino Pena discovered that updatejail, a component of the chroot maintenance tool Jailer, creates a predictable temporary file name, which may lead to local denial of service through a symlink attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...
[SECURITY] [DSA 1674-1] New jailer packages fix denial of service
Debian Security Advisory DSA-1674-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 30, 2008 http://www.debian.org/security/faq -...
DSA-1674-1 jailer - denial of service
Bulletin has no description...