CVE-2026-8784 – npitre cramfs-tools cramfsck.c change_file_status symlink

CVE ID :CVE-2026-8784

Published : May 18, 2026, 2:30 a.m. | 1 hour, 30 minutes ago

Description :A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function change_file_status of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named b4a3a695c9873f824907bd15659f2a6ac7667b4f. It is recommended to apply a patch to fix this issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…