Unrated severityNVD Advisory· Published Feb 27, 2026· Updated Mar 7, 2026
CVE-2026-28372
CVE-2026-28372
Description
telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: >=2.40
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.