๐Ÿ” CVE Alert

CVE-2026-54000

UNKNOWN 0.0

osquery: Heap buffer overflow in `getProcessCurrentDirectory()` via `processes` table (Windows)

CVSS Score
0.0
EPSS Score
0.1%
EPSS Percentile
1th

osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. Prior to 5.23.1, on Windows, a local unprivileged attacker can cause a heap buffer out-of-bounds write if there is a query of the processes table targeting a maliciously crafted process, due to unchecked PEB string lengths in process command-line and current-directory reads. If exploited successfully, this could allow a potential local privilege escalation from standard user to SYSTEM. This issue is fixed in version 5.23.1.

CWE CWE-122
Vendor osquery
Product osquery
Published Jul 10, 2026
Last Updated Jul 14, 2026
Stay Ahead of the Next One

Get instant alerts for osquery osquery

Be the first to know when new unknown vulnerabilities affecting osquery osquery are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

osquery / osquery
< 5.23.1

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/osquery/osquery/security/advisories/GHSA-4r78-6hg6-33gg github.com: https://github.com/osquery/osquery/pull/8934 github.com: https://github.com/osquery/osquery/commit/3d457c412eb0c986b0c37d8903edae8bc9f9e246 github.com: https://github.com/osquery/osquery/releases/tag/5.23.1