File Read Vulnerability in osquery by Facebook
CVE-2026-46388
4.4MEDIUM
What is CVE-2026-46388?
osquery, a powerful operating system instrumentation and monitoring tool, has a vulnerability where unprivileged attackers can read sensitive contents from osquery file carves prior to version 5.23.1. This occurs because the temporary directories for the carve process are created without strict private permissions. If an attacker's controlled directory is targeted during the carve, they can access arbitrary files, posing a substantial risk to sensitive local data. To mitigate this risk, users are advised to upgrade to osquery version 5.23.1, where this issue has been addressed.
Affected Version(s)
osquery < 5.23.1
