CVE-2026-0775

ADVISORY - github

Summary

npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of npm cli. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the handling of modules. The application loads modules from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of a target user.

EPSS Score⁠: 0.00014 (0.019)

Common Weakness Enumeration (CWE)

ADVISORY - nist

NIST

CREATED

12 days ago

UPDATED

8 days ago

ADVISORY IDCVE-2026-0775⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-732⁠

CVSS SCORE

7high

GitHub

CREATED

12 days ago

UPDATED

7 hours ago

ADVISORY IDGHSA-3966-f6p6-2qr9⁠

EXPLOITABILITY SCORE

1.0

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-732⁠

CVSS SCORE

7high

Debian

CREATED

11 days ago

UPDATED

2 days ago

ADVISORY IDCVE-2026-0775⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

11 days ago

UPDATED

11 days ago

ADVISORY IDCVE-2026-0775⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

CVE-2026-0775

Summary

Common Weakness Enumeration (CWE)

CWE-732⁠

CWE-732⁠

Advisories

NIST

CVSS SCORE

GitHub

CVSS SCORE

Debian

Ubuntu

CVSS SCORE