CVE-2026-35350

Publication date 23 April 2026

Last updated 24 April 2026

Ubuntu priority

Why this priority?

Cvss 3 Severity Score

Score breakdown

Description

(The cp utility in uutils coreutils fails to properly handle setuid and ...)

Status

Show unmaintained releases

Package	Ubuntu Release	Status
rust-coreutils	26.04 LTS resolute	Vulnerable
	25.10 questing	Vulnerable
	24.04 LTS noble	Vulnerable
	22.04 LTS jammy	Not in release

Severity score breakdown

Parameter	Value
Base score	6.6 · Medium
Attack vector	Local
Attack complexity	Low
Privileges required	Low
User interaction	None
Scope	Unchanged
Confidentiality	Low
Integrity impact	High
Availability impact	Low
Vector	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

References

Other references

Access our resources on patching vulnerabilities