{"uuid": "7b8007bb-994c-4358-a751-8528057ae090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://t.me/P0x3k_1N73LL1G3NC3/361", "content": "ssh-keysign-pwn \u2014 CVE-2026-46333\n\nA critical race condition flaw in pre-31e62c2ebbfd Linux kernels. Due to a window during process exit where the memory management structure is cleared before file descriptors are closed, an unprivileged user can use pidfd_getfd(2) to steal open file descriptors of privileged processes, enabling unauthorized reading of root-owned files.\n\n\ud83d\udd17 Exploit:\nhttps://github.com/0xdeadbeefnetwork/ssh-keysign-pwn\n\n\ud83d\udd17 Source:\nhttps://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path\n\n#linux #kernel #privesc #racecondition #pidfd", "creation_timestamp": "2026-06-01T14:36:08.000000Z"}