CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1422 matches found

OSV•added 2026/04/22 6:31 p.m.•2 views

GHSA-5V4G-VW9X-H534 uutils coreutils has an Improper Input Validation Issue in its env Utility

A logic error in the env utility of uutils coreutils causes a failure to correctly parse command-line arguments when utilizing the -S split-string option. In GNU env, backslashes within single quotes are treated literally with the exceptions of \ and '. However, the uutils implementation...

3.3CVSS5.8AI score0.00017EPSS

Exploits0References3

Github Security Blog•added 2026/04/22 6:31 p.m.•6 views

uutils coreutils has an Improper Input Validation Issue in its env Utility

3.3CVSS5.3AI score0.00017EPSS

Exploits0References3Affected Software1

OSV•added 2026/04/22 6:31 p.m.•1 views

GHSA-4WRP-79M8-9M9P uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the split utility of uutils coreutils. The program attempts to prevent data loss by checking for identity between input and output files using their file paths before initiating the split operation. However, the utility subsequently...

6.3CVSS5.8AI score0.00014EPSS

Exploits0References3

Github Security Blog•added 2026/04/22 6:31 p.m.•3 views

uutils coreutils has an Improper Handling of Unicode Encoding Issue

A logic error in the split utility of uutils coreutils causes the corruption of output filenames when provided with non-UTF-8 prefix or suffix inputs. The implementation utilizes tostringlossy when constructing chunk filenames, which automatically rewrites invalid byte sequences into the UTF-8...

3.3CVSS5.4AI score0.00015EPSS

Exploits1References5Affected Software1

OSV•added 2026/04/22 6:31 p.m.•0 views

GHSA-VX9M-XJWF-8CQM uutils coreutils has an Improper Handling of Unicode Encoding Issue

3.3CVSS5.8AI score0.00015EPSS

Exploits1References5

EUVD•added 2026/04/22 6:31 p.m.•2 views

EUVD-2026-25026

3.3CVSS5.7AI score0.00015EPSS

Exploits1References3

Github Security Blog•added 2026/04/22 6:31 p.m.•2 views

uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition

6.3CVSS5.3AI score0.00014EPSS

Exploits0References3Affected Software1

EUVD•added 2026/04/22 6:31 p.m.•3 views

EUVD-2026-25030

3.3CVSS5.8AI score0.00017EPSS

Exploits0References2

NVD•added 2026/04/22 5:16 p.m.•2 views

CVE-2026-35374

6.3CVSS0.00014EPSS

Exploits0References1

NVD•added 2026/04/22 5:16 p.m.•0 views

CVE-2026-35377

3.3CVSS0.00017EPSS

Exploits0References1

NVD•added 2026/04/22 5:16 p.m.•3 views

CVE-2026-35375

3.3CVSS0.00015EPSS

Exploits1References2

OSV•added 2026/04/22 5:16 p.m.•0 views

UBUNTU-CVE-2026-35375

3.3CVSS5.8AI score0.00015EPSS

Exploits1References3

UbuntuCve•added 2026/04/22 5:16 p.m.•2 views

CVE-2026-35375

3.3CVSS5.8AI score0.00015EPSS

Exploits1References2

Cvelist•added 2026/04/22 4:9 p.m.•24 views

CVE-2026-35377 uutils coreutils env Local Denial of Service via Improper Handling of Backslashes in Split-String Mode

3.3CVSS0.00017EPSS

Exploits0References1

Vulnrichment•added 2026/04/22 4:9 p.m.•2 views

CVE-2026-35377 uutils coreutils env Local Denial of Service via Improper Handling of Backslashes in Split-String Mode

3.3CVSS5.8AI score0.00017EPSS

Exploits0References1

ATTACKERKB•added 2026/04/22 4:9 p.m.•3 views

CVE-2026-35377

3.3CVSS5.8AI score0.00017EPSS

Exploits0References2

CVE•added 2026/04/22 4:9 p.m.•4 views

CVE-2026-35377

The CVE-2026-35377 entry affects the uutils coreutils env utility. A logic error in handling the -S (split-string) mode causes incorrect parsing of command-line arguments; specifically, in contrast to GNU env, the implementation attempts to validate backslash sequences inside single quotes and fa...

3.3CVSS5.8AI score0.00017EPSS

Exploits0References1Affected Software1