CVE Catalog

CVE-2026-54369

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.14%

4th percentile — higher than 4% of all known CVEs

Summary

A symlink traversal vulnerability was found in the libacl library before version 2.4.0 in pathname-based functions. A local attacker can replace any pathname component with a symbolic link, leading to privilege escalation by manipulating access control lists.

Risk Assessment

The organization faces local privilege escalation risks, potentially allowing unauthorized users to read or write arbitrary files and directories, including critical system files.

Recommendation

Immediately upgrade the acl/libacl library to version 2.4.0 or later. As a temporary measure, restrict access to sensitive paths and monitor local user activities.

Original NVD description (English source)

acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions acl_get_file(), acl_set_file(), acl_extended_file(), and acl_delete_def_file() that allows local attackers to escalate privileges by replacing any pathname component with a symbolic link. Attackers who control any component of a pathname processed by a privileged caller can redirect ACL read or write operations to arbitrary files or directories, enabling unauthorized manipulation of access control lists and local privilege escalation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS