CVE-2026-35353

Name of the Vulnerable Software and Affected Versions uutils coreutils (affected versions not specified)

Description The mkdir utility incorrectly applies permissions when the -m flag is used. The utility creates a directory with umask-derived permissions (typically 0755) and then changes them to the requested mode using a separate chmod system call. In multi-user environments, this creates a brief window where a directory intended to be private remains accessible to other users, which could lead to unauthorized data access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.