CVE-2026-35349 — The Rm Utility Of Uutils Coreutils Vulnerability
CVE-2026-35349 — A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather than comparing device and inode numbers to identify the root directory. An attacker or accidental user can bypass this safeguar
What This Means For You
- If your environment is affected by CWE-59, review your exposure and prioritize patching based on your environment. Monitor vendor advisories for CVE-2026-35349 updates and patches.
Related ATT&CK Techniques
🛡️ Detection Rules
3 rules · 6 SIEM formats3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
CVE-2026-35349 - Uutils Coreutils rm Bypass Root Protection
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-35349 | vulnerability | CVE-2026-35349 |
| CWE-59 | weakness | CWE-59 |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 22, 2026 at 20:16 UTC |
This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.
Believe this infringes your rights? Submit a takedown request.
Related Posts
CVE-2026-34066 — nimiq-blockchain provides persistent block storage for
CVE-2026-34066 — nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. Prior to version 1.3.0, `HistoryStore::put_historic_txns` uses an `assert!` to enforce invariants about `HistoricTransaction.block_number` (must...
Nimiq Primitives Node Panic via Malformed BLS Key
CVE-2026-34065 — nimiq-primitives contains primitives (e.g., block, account, transaction) to be used in Nimiq's Rust implementation. Prior to version 1.3.0, an untrusted p2p peer can...
CVE-2026-34064 — nimiq-account contains account primitives to be used in
CVE-2026-34064 — nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, `VestingContract::can_change_balance` returns `AccountError::InsufficientFunds` when `new_balance < min_cap`, but...