Lucene search
K

5 matches found

EUVD
EUVD
added 2 days ago8 views

EUVD-2026-24981

rm: --preserve-root bypassed via a symlink to / string check instead of dev/inode...

7.7CVSS5.9AI score0.00184EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/24 7:16 p.m.6 views

CVE-2026-35349

A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather than comparing device and inode numbers to identify the root directory. An attacker or accidental user can bypass this safeguard by using a...

7.7CVSS5.4AI score0.00184EPSS
Exploits0References2
NVD
NVD
added 2026/04/22 5:16 p.m.3 views

CVE-2026-35349

A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather than comparing device and inode numbers to identify the root directory. An attacker or accidental user can bypass this safeguard by using a...

7.7CVSS0.00184EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/22 4:7 p.m.5 views

CVE-2026-35349

A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather than comparing device and inode numbers to identify the root directory. An attacker or accidental user can bypass this safeguard by using a...

6.7CVSS5.8AI score0.00184EPSS
Exploits0References3
CVE
CVE
added 2026/04/22 4:7 p.m.17 views

CVE-2026-35349

CVE-2026-35349 affects the rm utility in uutils coreutils . The root cause is a path-string check used to identify the root directory instead of comparing device/inode numbers, allowing a symbolic link that resolves to "/" (e.g., "/tmp/rootlink -> /") to bypass --preserve-root. This can lead t...

7.7CVSS5.8AI score0.00184EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder