Lucene search
K

14 matches found

EUVD
EUVD
added 4 days ago8 views

EUVD-2026-24981

rm: --preserve-root bypassed via a symlink to / string check instead of dev/inode...

7.7CVSS5.9AI score0.00184EPSS
Exploits0References5
EUVD
EUVD
added 4 days ago12 views

EUVD-2026-24963

chmod: --preserve-root bypassed by any path that resolves to root e.g. /../...

7.3CVSS5.9AI score0.00175EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/24 8:16 p.m.8 views

CVE-2026-35338

A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism. The implementation only validates if the target path is literally / and does not canonicalize the path. An attacker or accidental user can use path variants such as /../ or symbol...

7.3CVSS5.5AI score0.00175EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/24 7:16 p.m.6 views

CVE-2026-35349

A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather than comparing device and inode numbers to identify the root directory. An attacker or accidental user can bypass this safeguard by using a...

7.7CVSS5.4AI score0.00184EPSS
Exploits0References2
OSV
OSV
added 2026/04/22 6:31 p.m.12 views

GHSA-V762-X3CF-5MFG Duplicate Advisory: uutils coreutils has a Link Following Issue Via rm Utility

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7cr3-h577-g38j. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The...

6.7CVSS5.9AI score0.00184EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.9 views

Duplicate Advisory: uutils coreutils has a Link Following Issue Via rm Utility

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7cr3-h577-g38j. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The...

7.7CVSS5.9AI score0.00184EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.28 views

Duplicate Advisory: uutils coreutils allows users to bypass the --preserve-root safety mechanism

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4c7q-4928-8445. This link is maintained to preserve external references. Original Description A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism...

7.3CVSS6AI score0.00175EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/22 6:31 p.m.6 views

GHSA-9GQX-53GP-C8G3 Duplicate Advisory: uutils coreutils allows users to bypass the --preserve-root safety mechanism

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4c7q-4928-8445. This link is maintained to preserve external references. Original Description A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism...

7.3CVSS6AI score0.00175EPSS
Exploits0References5
NVD
NVD
added 2026/04/22 5:16 p.m.4 views

CVE-2026-35349

A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather than comparing device and inode numbers to identify the root directory. An attacker or accidental user can bypass this safeguard by using a...

7.7CVSS0.00184EPSS
Exploits0References2
NVD
NVD
added 2026/04/22 5:16 p.m.12 views

CVE-2026-35338

A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism. The implementation only validates if the target path is literally / and does not canonicalize the path. An attacker or accidental user can use path variants such as /../ or symbol...

7.3CVSS0.00175EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/22 4:7 p.m.5 views

CVE-2026-35349

A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather than comparing device and inode numbers to identify the root directory. An attacker or accidental user can bypass this safeguard by using a...

6.7CVSS5.8AI score0.00184EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/22 4:7 p.m.7 views

CVE-2026-35338 uutils coreutils chmod Path Traversal Bypass of --preserve-root

A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism. The implementation only validates if the target path is literally / and does not canonicalize the path. An attacker or accidental user can use path variants such as /../ or symbol...

7.3CVSS5.9AI score0.00175EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.12 views

uutils coreutils 后置链接漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils Open Source. uutils coreutils has a post-installation link vulnerability. This vulnerability stems from the rm utility allowing bypass of the --preserve-root protection. Instead of using device and inode numbers fo...

7.7CVSS5.8AI score0.00184EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.14 views

PT-2026-34474

Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description A flaw in the chmod utility allows users to bypass the --preserve-root safety mechanism. The implementation validates if the target path is literally '/', but fails to canonicalize t...

7.3CVSS6AI score0.00175EPSS
Exploits0References15
Rows per page
Query Builder