Home / Vulnerability Intelligence / CVE-2026-21882

CVE-2026-21882 - Vulnerability Analysis

HighCVSS: 8.4

Last Updated: March 2, 2026

theshit - Privilege Escalation

Published: March 2, 2026Updated: March 2, 2026

Overview

theshit < 0.2.0 contains a local privilege escalation caused by improper privilege dropping during command re-execution, letting local attackers escalate privileges, exploit requires local access.

Severity & Score

Severity: High

CVSS Score: 8.4

EPSS Score: 1.3%(Probability of exploitation in next 30 days)

Impact

Local attackers can escalate privileges, potentially gaining unauthorized administrative access.

Mitigation

Update to version 0.2.0 or later.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 2, 2026

🟠 CVE-2026-21882 - High (8.4) theshit is a command-line utility that automatically detects and fixes common mistakes in shell commands. Prior to version 0.2.0, improper privilege dropping allows local privilege escalation via command re-execution. This issue has been patched i... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21882/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-21882
Severity: High
CVSS Score: 8.4
Type: broken_access_control
Status: unconfirmed
EPSS: 1.3%
Social Posts: 1

CWE

CWE-250

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

1.3%Probability of exploitation in the next 30 days