← back
CVE-2026-54231

Abrt: unsanitized systemd journal content written to dump directory files enables content injection

CVSS 5.5 MEDIUMEPSS 0.1%CWE-74
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.5EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
13 Jun 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory without sanitizing embedded control characters. A local user can inject arbitrary content into the journal output by embedding newline characters in syslog messages, controlling the content that root writes to dump directory files.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N