Vulnerability Details CVE-2026-35357
The cp utility in uutils coreutils is vulnerable to an information disclosure race condition. Destination files are initially created with umask-derived permissions (e.g., 0644) before being restricted to their final mode (e.g., 0600) later in the process. A local attacker can race to open the file during this window; once obtained, the file descriptor remains valid and readable even after the permissions are tightened, exposing sensitive or private file contents.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.0%
CVSS Severity
CVSS v3 Score 4.7
References