CVE-2026-8784 | npitre cramfs-tools up to 2.2 cramfsck.c change_file_status symlink (Issue 13)

Inserito da Angelo Barbosa | Mag 17, 2026 | CVE

A vulnerability, which was classified as critical, has been found in npitre cramfs-tools up to 2.2. Affected is the function change_file_status of the file cramfsck.c. Performing a manipulation results in symlink following.

This vulnerability is reported as CVE-2026-8784. The attack requires a local approach. Moreover, an exploit is present.

It is recommended to apply a patch to fix this issue.

CVE-2026-8784 | npitre cramfs-tools up to 2.2 cramfsck.c change_file_status symlink (Issue 13)

Post correlati

CVE-2023-37526 | HCL DRYiCE Lucy 9 cross-domain policy (KB0113032)

CVE-2025-47524 | karim42 Quran Multilanguage Text & Audio Plugin up to 2.3.23 on WordPress cross site scripting

CVE-2026-6125 | Dromara warm-flow up to 1.8.4 Workflow Definition /warm-flow/save-json SpelHelper.parseExpression listenerPath/skipCondition/permissionFlag code injection (IHURVQ)

CVE-2024-1074 | Beaver Builder Plugin up to 2.7.4.2 on WordPress Audio Widget cross site scripting