Vulnerabilities

CVE-2026-25674 - Potential incorrect permissions on newly created file system objects

2026-03-03 0 views admin

CVE ID : CVE-2026-25674 Published : March 3, 2026, 3:16 p.m. | 57 minutes ago Description : An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file system objects to be created with incorrect permissions via concurrent requests, where one thread's temporary `umask` change affects other threads in multi-threaded environments. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Tarek Nakkouch for reporting this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-25674

Published

March 3, 2026

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-25674

CVE-2026-25674 - Potential incorrect permissions on newly created file system objects

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-62815 - Samsung Exynos NULL Pointer Dereference Denial of Service

CVE-2025-62814 - Samsung Exynos Denial of Service Vulnerability

CVE-2025-66680 - WiseCleaner Wise Force Deleter Arbitrary File Deletion Vulnerability

CVE-2025-66363 - Samsung Exynos 2200 LBS Memory Initialization Vulnerability

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting