CVE-2026-59674
LPE from suricata user to root due to chown in %post in suricata packaging
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed suricata package allows the suricata user to escalate to root. This issue affects openSUSE Tumbleweed: from ? before 8.0.5-2.1; openSUSE Tumbleweed: from ? before 8.0.5-2.1.
| CWE | CWE-61 |
| Vendor | suse |
| Product | opensuse tumbleweed |
| Published | Jul 14, 2026 |
| Last Updated | Jul 15, 2026 |
Stay Ahead of the Next One
Get instant alerts for suse opensuse tumbleweed
Be the first to know when new unknown vulnerabilities affecting suse opensuse tumbleweed are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
SUSE / openSUSE Tumbleweed
? < 8.0.5-2.1
SUSE / openSUSE Tumbleweed
? < 8.0.5-2.1
References
Credits
Johannes Segitz (SUSE)