Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/02/13 7:21 a.m.15 views

CVE-2026-25828

grub-btrfs through 2026-01-31 on Arch Linux and derivative distributions allows initramfs OS command injection because it does not sanitize the $root parameter to resolvedevice. NOTE: a third party reports "exploitation may not be feasible under normal conditions and may depend on specific...

5.4CVSS5.9AI score0.01215EPSS
Exploits1References1
NVD
NVD
added 2026/02/12 10:16 p.m.10 views

CVE-2026-25828

grub-btrfs through 2026-01-31 on Arch Linux and derivative distributions allows initramfs OS command injection because it does not sanitize the $root parameter to resolvedevice. NOTE: a third party reports "exploitation may not be feasible under normal conditions and may depend on specific...

5.4CVSS0.01215EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/12 12:0 a.m.5 views

CVE-2026-25828

grub-btrfs through 2026-01-31 on Arch Linux and derivative distributions allows initramfs OS command injection because it does not sanitize the $root parameter to resolvedevice. NOTE: a third party reports "exploitation may not be feasible under normal conditions and may depend on specific...

5.4CVSS5.9AI score0.01215EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/12 12:0 a.m.5 views

CVE-2026-25828

grub-btrfs through 2026-01-31 on Arch Linux and derivative distributions allows initramfs OS command injection because it does not sanitize the $root parameter to resolvedevice. NOTE: a third party reports "exploitation may not be feasible under normal conditions and may depend on specific...

5.9AI score0.01215EPSS
Exploits1References3
CVE
CVE
added 2026/02/12 12:0 a.m.17 views

CVE-2026-25828

CVE-2026-25828 affects grub-btrfs up to 2026-01-31 on Arch Linux and derivatives. The initramfs hook grub-btrfs-overlayfs passes the kernel parameter $root to resolve_device() without sanitization, enabling potential initramfs command execution as root during boot. The issue is rooted in not sani...

5.4CVSS5.9AI score0.01215EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/02/06 2:44 p.m.192 views

Exploit for CVE-2026-25828

CVE-2026-25828 - Command Injection in grub-btrfs initramfs hoo...

5.8AI score0.01215EPSS
Exploits1
Rows per page
Query Builder