CVE-2026-35365 in coreutilsinfo

Zusammenfassung

von MITRE • 22.04.2026

The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to resource exhaustion (disk space or time) if symlinks point to large external directories, unexpected duplication of sensitive data into unintended locations, or infinite recursion and repeated copying in the presence of symlink loops.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Canonical

Reservieren

02.04.2026

Veröffentlichung

22.04.2026

Moderieren

akzeptiert

Eintrag

VDB-359012

CPE

bereit

CWE

CWE-59 (bestätigt)

CVSS

6.6 (CNA)

EPSS

0.00016

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-35365
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-35365
CVE Details	https://www.cvedetails.com/cve/CVE-2026-35365/

◂ Zurück Übersicht Weiter ▸

Do you need the next level of professionalism?

Upgrade your account now!