🔐 CVE Alert

CVE-2025-9810

MEDIUM 6.8

TOCTOU race in Linenoise enables arbitrary file overwrite and permission changes

CVSS Score: 6.8
EPSS Score: 0.0%
EPSS Percentile: 2nd

A time-of-check to time-of-use (TOCTOU) race in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen("w") on the history path and subsequent chmod() on the same path.
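The descriptor-based alternative to the fopen("w") + chmod() sequence described above, as an added example that is not linenoise's code or its actual fix. The names save_history_nofollow and symlink_is_refused, and the /tmp paths, are hypothetical; the second function is a constructed check that a history path which is a symlink is refused and its target left untouched.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not linenoise's API): the path is resolved exactly once. */
int save_history_nofollow(const char *path, const char *const *lines, int n) {
    struct stat st;
    /* O_NOFOLLOW: open() fails if the final path component is a symlink. */
    int fd = open(path, O_WRONLY | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0) return -1;
    /* fstat/fchmod/ftruncate act on the opened inode, never on a re-resolved path. */
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode) ||
        fchmod(fd, S_IRUSR | S_IWUSR) < 0 || ftruncate(fd, 0) < 0) {
        close(fd);
        return -1;
    }
    FILE *fp = fdopen(fd, "w");
    if (fp == NULL) { close(fd); return -1; }
    for (int j = 0; j < n; j++) fprintf(fp, "%s\n", lines[j]);
    return fclose(fp) == 0 ? 0 : -1;
}

/* Constructed scenario: the history path is a symlink to another file (mode 0644).
 * Returns 1 if the save is refused and the target keeps its content and mode. */
int symlink_is_refused(void) {
    char dir[] = "/tmp/lnhistXXXXXX", target[64], hist[64];
    const char *lines[] = { "ls", "make test" };   /* constructed history entries */
    struct stat st;
    if (mkdtemp(dir) == NULL) return 0;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(hist, sizeof hist, "%s/history", dir);
    int fd = open(target, O_WRONLY | O_CREAT | O_EXCL, 0644);
    if (fd < 0) return 0;
    if (write(fd, "keep", 4) != 4 || fchmod(fd, 0644) < 0) { close(fd); return 0; }
    close(fd);
    if (symlink(target, hist) < 0) return 0;
    int rc = save_history_nofollow(hist, lines, 2);
    int ok = rc == -1 && stat(target, &st) == 0 &&
             st.st_size == 4 && (st.st_mode & 0777) == 0644;
    unlink(hist); unlink(target); rmdir(dir);
    return ok;
}

int main(void) {
    printf("symlink refused, target untouched: %d\n", symlink_is_refused());
    return 0;
}
```

O_NOFOLLOW only covers the final path component, so a history file kept under a directory that other users can write to still needs that directory locked down.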

CWE: CWE-367
Vendor: antirez
Product: linenoise
Published: Sep 1, 2025
Last Updated: Apr 22, 2026

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: High
Availability: Low

Affected Versions

antirez / linenoise
0

References

github.com: https://github.com/antirez/linenoise/blob/master/linenoise.c#L1321
github.com: https://github.com/antirez/linenoise/pull/202
github.com: https://github.com/antirez/linenoise/blob/4111f1d6cd29e136b4e86a25d1dd859a1e00813b/linenoise.c#L1321
github.com: https://github.com/antirez/linenoise/commit/f2558e1e588b1ba384ec73a2cf5c9a46409753db

Credits

@disconnect3d Simcha Kosman