Heap Buffer Out-of-Bounds Write Vulnerability in osquery by Facebook
CVE-2026-54000

7HIGH

Key Information:

Vendor

Osquery

Status
Vendor
CVE Published:
10 July 2026

What is CVE-2026-54000?

A vulnerability in osquery prior to version 5.23.1 allows a local unprivileged attacker on Windows systems to exploit heap buffer out-of-bounds writes. This occurs when querying the processes table with a specially crafted process. The vulnerability is rooted in unchecked process Environment Block (PEB) string lengths during command-line and current-directory reads. If leveraged, this could enable an attacker to escalate privileges from a standard user to SYSTEM level, posing a significant security threat. The issue has been mitigated in the recent update, version 5.23.1.

Affected Version(s)

osquery < 5.23.1

References

CVSS V4

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.