Main Vulnerability Database Vulnerabilities #VU121562

Permissions, Privileges, and Access Controls in CLI - CVE-2026-0775

Published: January 15, 2026

Vulnerability identifier: #VU121562

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2026-0775

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: npm Inc.

Affected software:
CLI

Detailed vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the affected application loads modules from an unsecured location, which leads to security restrictions bypass and privilege escalation.

How to mitigate CVE-2026-0775

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Sources

https://www.zerodayinitiative.com/advisories/ZDI-26-043/

Permissions, Privileges, and Access Controls in CLI - CVE-2026-0775

Detailed vulnerability description

How to mitigate CVE-2026-0775

Sources

Please verify you're human