Low severity2.5NVD Advisory· Published Apr 22, 2026· Updated Apr 22, 2026
CVE-2026-6842
CVE-2026-6842
Description
A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions (0777 instead of 0700) for the ~/.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or information disclosure if the launcher is subsequently processed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.