CVE-2026-27139

ADVISORY - nist

Summary

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the filesystem without permitting reading or writing files outside the root.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-noinfo⁠

Impacted images

Advisories

NIST

CREATED

9 hours ago

UPDATED

9 hours ago

ADVISORY IDCVE-2026-27139⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

RATING UNAVAILABLE FROM ADVISORY

Alpine

CREATED

22 hours ago

UPDATED

22 hours ago

ADVISORY IDCVE-2026-27139⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

8 hours ago

UPDATED

3 hours ago

ADVISORY IDCVE-2026-27139⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

GoLang

CREATED

11 hours ago

UPDATED

11 hours ago

ADVISORY IDGO-2026-4602⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY