PT-2026-34506 · Unknown · Uutils Coreutils

Zellic · Published 2026-04-22 · Updated 2026-05-04 · CVE-2026-35370

CVSS v3.1

4.4 Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

uutils coreutils (affected versions not specified)

Description

The id utility miscalculates the groups= section of its output by using a user's real GID instead of their effective GID to compute the group list. This creates a discrepancy compared to GNU coreutils. Since various scripts and automated processes use the output of id for security-critical access-control or permission decisions, this behavior can result in unauthorized access or security misconfigurations.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
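
A consistency check for captured `id` output, added here as an example (it is not code from the advisory or from uutils): it flags lines whose effective GID is missing from groups=, which is how a list computed from the real GID can look. It assumes the default `id` output format and that a list computed from the effective GID contains that GID; the function names are hypothetical and the sample lines are constructed.

```python
import re

# Constructed sample lines in the default `id` output format (not captured from a real host).
SAMPLES = [
    "uid=1000(alice) gid=1000(alice) groups=1000(alice),27(sudo)",
    "uid=1000(alice) gid=1000(alice) egid=50(staff) groups=50(staff),1000(alice),27(sudo)",
    "uid=1000(alice) gid=1000(alice) egid=50(staff) groups=1000(alice),27(sudo)",
]


def _scalar(line, key):
    """Return the numeric value of a key=NUM(name) field, or None if the field is absent."""
    # The leading space (or start of line) keeps "gid" from matching inside "egid".
    m = re.search(rf"(?:^| ){key}=(\d+)", line)
    return int(m.group(1)) if m else None


def parse_id_output(line):
    """Parse one default `id` line into real GID, effective GID and numeric group list."""
    line = line.strip()
    # groups= runs to the end of the line, or up to an SELinux " context=" suffix.
    m = re.search(r"(?:^| )groups=(.*?)(?: context=.*)?$", line)
    rgid = _scalar(line, "gid")
    if m is None or rgid is None:
        raise ValueError("not a default id output line: %r" % line)
    egid = _scalar(line, "egid")  # only printed when it differs from the real GID
    groups = [int(g) for g in re.findall(r"(?:^|,)(\d+)", m.group(1))]
    return {"gid": rgid, "egid": rgid if egid is None else egid, "groups": groups}


def egid_missing_from_groups(line):
    """True when the effective GID does not appear in the groups= list."""
    info = parse_id_output(line)
    return info["egid"] not in info["groups"]


def audit(lines):
    """Return the lines whose groups= list is inconsistent with the effective GID."""
    return [line for line in lines if egid_missing_from_groups(line)]


if __name__ == "__main__":
    for flagged in audit(SAMPLES):
        print("inconsistent groups= list:", flagged)
```

A line that passes is not proof of a correct implementation, because the effective GID can also be one of the process's supplementary groups.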

Weakness Enumeration

Incorrect Authorization

Related Identifiers

CVE-2026-35370
GHSA-Q94G-3GCF-66X7

Affected Products

Uutils Coreutils