Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Debian Linux: Unprivileged User Privilege Escalation
DEBIAN-CVE-2026-41082
Summary
A security issue in Debian Linux allows an attacker to gain elevated privileges if they have an unprivileged user account. This could potentially allow the attacker to take control of the entire system. Users should update their Debian systems to the latest version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Debian:11 | debian | opam | All versions |
| Debian:12 | debian | opam | All versions |
| Debian:13 | debian | opam | All versions |
| Debian:14 | debian | opam | All versions |
Original title
In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory.
Original description
In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory.
- https://security-tracker.debian.org/tracker/CVE-2026-41082 Vendor Advisory
Published: 16 Apr 2026 · Updated: 17 Apr 2026 · First seen: 16 Apr 2026