CVE-2026-35366
CWE-754
Published: April 22, 2026 · Updated: Apr 22, 2026
Official Description
The printenv utility in uutils coreutils fails to display environment variables containing invalid UTF-8 byte sequences. While POSIX permits arbitrary bytes in environment strings, the uutils implementation silently skips these entries rather than printing the raw bytes. This vulnerability allows malicious environment variables (e.g., adversarial LD_PRELOAD values) to evade inspection by administrators or security auditing tools, potentially allowing library injection or other environment-based attacks to go undetected.
Technical Analysis
CVE-2026-35366 requires local access, meaning attackers must already have a foothold on the target system.
Exploitation requires low privileges, which limits the exposure to scenarios where an attacker has already gained initial access.
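An added example (not code from uutils or from this advisory) of the behaviour the description covers: `utf8_only` models a lister that skips entries it cannot convert to UTF-8, while `raw` and `hidden` give a byte-preserving listing and an audit check for the omitted names. The function names and the sample environment are constructed for illustration, and the code is Unix-only.

```rust
use std::ffi::OsString;
use std::io::{self, Write};
use std::os::unix::ffi::{OsStrExt, OsStringExt};

type Var = (OsString, OsString);

// Models a lister that drops entries it cannot convert to UTF-8 (the behaviour
// the advisory describes; this is not the uutils source).
fn utf8_only(vars: &[Var]) -> Vec<String> {
    vars.iter()
        .filter_map(|(k, v)| Some(format!("{}={}", k.to_str()?, v.to_str()?)))
        .collect()
}

// Byte-preserving listing: every entry is emitted exactly as stored.
fn raw(vars: &[Var]) -> Vec<Vec<u8>> {
    vars.iter()
        .map(|(k, v)| [k.as_bytes(), &b"="[..], v.as_bytes()].concat())
        .collect()
}

// Audit helper: names of entries a UTF-8-only listing would omit.
fn hidden(vars: &[Var]) -> Vec<String> {
    vars.iter()
        .filter(|(k, v)| k.to_str().is_none() || v.to_str().is_none())
        .map(|(k, _)| k.to_string_lossy().into_owned())
        .collect()
}

// Constructed sample: the LD_PRELOAD value contains the invalid byte 0xFF.
fn sample() -> Vec<Var> {
    vec![
        (OsString::from("PATH"), OsString::from("/usr/bin")),
        (OsString::from("LD_PRELOAD"), OsString::from_vec(b"/tmp/\xffx.so".to_vec())),
    ]
}

fn main() -> io::Result<()> {
    // List the real process environment without any UTF-8 conversion.
    let vars: Vec<Var> = std::env::vars_os().collect();
    let mut out = io::stdout().lock();
    for line in raw(&vars) {
        out.write_all(&line)?;
        out.write_all(b"\n")?;
    }
    eprintln!("entries a UTF-8-only listing omits: {:?}", hidden(&vars));
    Ok(())
}
```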
Recommended Actions
- Apply vendor patches immediately
- Monitor CVE-2026-35366 in threat intel feeds
- Review IDS/IPS signatures for exploitation attempts