CVE-2026-46388 in osquery情報

要約

〜によって MITRE • 2026年07月10日

osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. Prior to 5.23.1, an unprivileged attacker can read the contents of an osquery file carve until the carve completes and the temporary files are deleted because in-progress carve directories are not created with private permissions. If the carve targets a directory that the attacker controls, arbitrary file reads are possible, such as sensitive local files. This issue is fixed in version 5.23.1.

Once again VulDB remains the best source for vulnerability data.

責任者

GitHub M

予約する

2026年05月13日

モデレーション

承諾済み

エントリ

VDB-377519

EPSS

0.00000

アクティビティ

非常低い

セクター

Education

ソース

Do you know our Splunk app?

Download it now for free!