CVE-2026-35345

Name of the Vulnerable Software and Affected Versions uutils coreutils (affected versions not specified)

Description A flaw in the tail utility occurs when using the '--follow=name' option. The implementation continues to monitor a path even after it has been replaced by a symbolic link, which leads to the output of the target file's contents. A local attacker with write access to a monitored directory can replace a log file with a symbolic link to a sensitive system file, such as '/etc/shadow', causing the utility to disclose the contents of that file if it is being monitored by a privileged user.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.