CVE-2026-35363

Name of the Vulnerable Software and Affected Versions uutils coreutils (affected versions not specified)

Description A flaw in the rm utility allows the bypass of safeguard mechanisms designed to protect the current directory. Although the utility prevents the deletion of . or .., it does not recognize equivalent paths that include trailing slashes, such as ./ or .///. This can lead to the silent recursive deletion of all contents in the current directory when executing rm -rf ./. Additionally, the utility may report an 'Invalid input' error, which can mislead users and hinder timely data recovery.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.