CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-54369

highCVSS 7.1covered by 2 sourcesfirst seen 2026-06-09
acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions acl_get_file(), acl_set_file(), acl_extended_file(), and acl_delete_def_file() that allows local attackers to escalate privileges by replacing any pathname component with a symbolic link. Attackers who control any component of a pathname processed by a privileged caller can redirect ACL read or write operations to arbitrary files or directories, enabling unauthorized manipulation of access control lists and local privilege escalation.

CSIRTS triage

What
Symlink Traversal Privilege Escalation via libacl Functions affects acl versions below 2.4.0.
Who is affected
Deployments using acl versions less than 2.4.0 are affected.
Urgency
Remediation is urgent due to the high severity with a CVSS score of 7.1.
Action
Upgrade acl to version 2.4.0 or later.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-54369

Get an email if CVE-2026-54369 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (2)

External references

NVD record for CVE-2026-54369

CVE.org record

Embed the live status

CVE-2026-54369 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-54369 status](https://www.csirts.com/badge/CVE-2026-54369)](https://www.csirts.com/cve/CVE-2026-54369)