Symlink Following Vulnerability in OpenSUSE Tumbleweed Suricata Package
CVE-2026-59674

7.1HIGH

Key Information:

Vendor

Suse

Vendor
CVE Published:
14 July 2026

What is CVE-2026-59674?

A Symlink Following vulnerability in the Suricata package for openSUSE Tumbleweed permits unauthorized escalation of privileges, allowing a suricata user to gain root access. This security flaw can be exploited to perform harmful actions on the system, particularly affecting the integrity and confidentiality of the data. Users are urged to upgrade to versions 8.0.5-2.1 or later to mitigate potential risks.

Affected Version(s)

openSUSE Tumbleweed ? < 8.0.5-2.1

openSUSE Tumbleweed ? < 8.0.5-2.1

References

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Johannes Segitz (SUSE)
.