CVE-2026-44933— Path Traversal in Plugin Loading in libzypp
Possible ATT&CK Techniques 1AI
T1068 · Exploitation for Privilege EscalationAffected Version Matrix 2
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SUSE | openSUSE | 17.38.8< 17.38.9 | affected |
| SUSE | SUSE Linux Enterprise | 17.38.8< 17.38.9 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-44933
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path Traversal in Plugin Loading in libzypp
Source: NVD (National Vulnerability Database)
Vulnerability Description
`PluginScript` attempts to `chroot` the plugin to the `repoManagerRoot`, this root is frequently `/` (the system root) in standard configurations or when using `--root`. If the chroot target is `/`, it is a no-op, allowing the traversed path to execute host binaries (like `/bin/bash`) with root privileges.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
路径遍历:’…/…//’
Source: NVD (National Vulnerability Database)
Vulnerability Title
libzypp 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
libzypp是openSUSE开源的一款软件包管理器。 libzypp存在安全漏洞,该漏洞源于chroot目标为系统根目录时未生效,允许遍历路径以root权限执行主机二进制文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise | 17.38.8 ~ 17.38.9 | - | |
| SUSE | openSUSE | 17.38.8 ~ 17.38.9 | - |
II. Public POCs for CVE-2026-44933
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-44933
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same vendor: SUSE
- CVE-2026-41054
Missing exit out of permission check in haveged could lead t - CVE-2026-41051
csync2 uses insecure temporary directories when compiled wit - CVE-2026-41050
Helm impersonation bypass of `RESTClientGetter` retains `clu - CVE-2026-25705
Rancher Extensions have arbitrary file access via path trave - CVE-2026-25702
nftables disabled due to incorrect kernel backport
Same weakness: CWE-35
V. Comments for CVE-2026-44933
No comments yet