Vulnerabilities

CVE-2025-9810

by Fred · 01/09/2025

TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen(“w”) on the history path and subsequent chmod() on the same path.

More information : https://github.com/antirez/linenoise/blob/master/linenoise.c#L1321

Similar

Tags: Cybersecurity Alert