H1-3465156 — Vulnetix

H1-3465156 PUBLISHED CVSS 5.800000190734863 MEDIUM

Node.js permission model bypass via unchecked Unix Domain Socket connections (UDS)

Risk Scores

CVSS 3.1

5.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Exploit Intelligence

Pauldechassey/CVE-2026-21636 (github-poc-repo)
Pauldechassey/CVE-2026-21636 (github-poc)
Node.js permission model bypass via unchecked Unix Domain Socket connections (UDS) (hackerone)
Node.js permission model bypass via unchecked Unix Domain Socket connections (UDS) (hackerone)
EUVD-2026-3334.json (github-poc)
config-checks.test.ts (github-poc)
hardening-auditor.ts (github-poc)
cfg-011-node-cve.ts (github-poc)
SecurityScanner.ts (github-poc)

Timeline

Feb 12, 2026 CVE Published
Feb 12, 2026 PoC Published

References

Node.js permission model bypass via unchecked Unix Domain Socket connections (UDS) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›