Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23 matches found

RedhatCVE
RedhatCVEadded 2026/01/27 5:5 a.m.5 views

CVE-2026-1386

A flaw was found in the Firecracker jailer component. A local user with write access to pre-created jailer directories could exploit a symbolic link symlink following issue. This vulnerability allows the attacker to overwrite arbitrary host files during the jailer's startup initialization process...

6CVSS5.8AI score0.00011EPSS
Exploits0References7
SUSE CVE
SUSE CVEadded 2026/01/27 12:27 a.m.4 views

SUSE CVE-2026-1386

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

6CVSS5.9AI score0.00011EPSS
Exploits0References3
NVD
NVDadded 2026/01/23 9:15 p.m.6 views

CVE-2026-1386

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

6CVSS0.00011EPSS
Exploits0References4
OSV
OSVadded 2026/01/23 9:15 p.m.2 views

CVE-2026-1386

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

6CVSS5.8AI score
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/01/23 8:25 p.m.2 views

CVE-2026-1386

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

6CVSS5.9AI score0.00011EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/01/23 8:25 p.m.2 views

CVE-2026-1386 Arbitrary Host File Overwrite via Symlink in Firecracker Jailer

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

6CVSS5.7AI score0.00011EPSS
Exploits0References4
EUVD
EUVDadded 2026/01/23 8:25 p.m.3 views

EUVD-2026-4536

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

6CVSS5.7AI score0.00011EPSS
Exploits0References4
CVE
CVEadded 2026/01/23 8:25 p.m.11 views

CVE-2026-1386

The CVE-2026-1386 issue affects Firecracker’s jailer component. A local user who has write access to pre-created jailer directories could abuse a UNIX symlink vulnerability during jailer startup to overwrite arbitrary host files when the jailer runs with root privileges. Affected versions include...

6CVSS5.7AI score0.00011EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/01/23 8:25 p.m.18 views

CVE-2026-1386 Arbitrary Host File Overwrite via Symlink in Firecracker Jailer

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

6CVSS0.00011EPSS
Exploits0References4
AlpineLinux
AlpineLinuxadded 2026/01/23 8:25 p.m.3 views

CVE-2026-1386

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

6CVSS5.7AI score0.00011EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/01/23 12:0 a.m.3 views

PT-2026-4532

Name of the Vulnerable Software and Affected Versions Firecracker versions prior to 1.13.2 and version 1.14.0 Description A flaw exists in the jailer component of Firecracker that could allow a local host user with write access to pre-created jailer directories to overwrite arbitrary host files...

6CVSS5.5AI score0.00011EPSS
Exploits0References11
CNNVD
CNNVDadded 2026/01/23 12:0 a.m.2 views

Firecracker security vulnerability

Firecracker is a microvirtual machine open source project developed by firecracker-microvm, designed for serverless computing. Firecracker versions 1.13.1 and earlier, as well as version 1.14.0, have security vulnerabilities. These vulnerabilities stem from issues with UNIX symbolic link handling...

6CVSS5.8AI score0.00011EPSS
Exploits0References4
OpenVAS
OpenVASadded 2008/12/03 12:0 a.m.12 views

Debian: Security Advisory (DSA-1674-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.2AI score0.00025EPSS
Exploits0References3
OpenVAS
OpenVASadded 2008/12/03 12:0 a.m.18 views

Debian Security Advisory DSA 1674-1 (jailer)

The remote host is missing an update to jailer announced via advisory DSA 1674-1. OpenVAS Vulnerability Test $Id: deb16741.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1674-1 jailer Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

6.9CVSS0.2AI score0.00025EPSS
Exploits0
securityvulns
securityvulnsadded 2008/12/01 12:0 a.m.40 views

[SECURITY] [DSA 1674-1] New jailer packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1674-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 30, 2008 http://www.debian.org/security/faq -...

6.9CVSS0.2AI score0.00025EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2008/12/01 12:0 a.m.17 views

Debian DSA-1674-1 : jailer - insecure temp file generation

Javier Fernandez-Sanguino Pena discovered that updatejail, a component of the chroot maintenance tool Jailer, creates a predictable temporary file name, which may lead to local denial of service through a symlink attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

6.9CVSS5.3AI score0.00025EPSS
Exploits0References3
securityvulns
securityvulnsadded 2008/12/01 12:0 a.m.20 views

jailer symbolic links vulnerability

updatejail insecure temporary files creation...

6.9CVSS1.1AI score0.00025EPSS
Exploits0References1Affected Software1
Debian
Debianadded 2008/11/30 8:33 a.m.22 views

[SECURITY] [DSA 1674-1] New jailer packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1674-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 30, 2008 http://www.debian.org/security/faq -...

6.9CVSS6AI score0.00025EPSS
Exploits0
OSV
OSVadded 2008/11/30 12:0 a.m.6 views

DSA-1674-1 jailer - denial of service

Bulletin has no description...

6.9CVSS6.7AI score0.00025EPSS
Exploits0
NVD
NVDadded 2008/11/18 4:0 p.m.9 views

CVE-2008-5139

updatejail in jailer 0.4 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.updatejail temporary file...

6.9CVSS6.2AI score0.00025EPSS
Exploits0References5
Rows per page
Query Builder