Home / Vulnerability Intelligence / CVE-2026-31979

CVE-2026-31979 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 12, 2026

Himmelblau - Privilege Escalation

Published: March 11, 2026Updated: March 12, 2026

Overview

Himmelblau < 3.1.0 and < 2.3.8 contains a local privilege escalation caused by lack of symlink protections in himmelblaud-tasks daemon writing Kerberos cache files under /tmp, letting local users overwrite arbitrary files, exploit requires local user access.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 1.7%(Probability of exploitation in next 30 days)

Impact

Local users can escalate privileges by overwriting arbitrary files, potentially gaining root access.

Mitigation

Update to versions 3.1.0 or 2.3.8 or later.

References

https://github.com/himmelblau-idm/himmelblau/security/advisories/GHSA-44wm-q286-ghq3

Social Media Activity(1 post)

Catalin Cimpanu

@campuscodi

Mar 22, 2026

A vulnerability in a Linux enterprise app can allow attackers root access over devices The issue impacts Himmelblau, an interoperability suite to integrate Linux with Entra ID and Intune networks. https://www.akamai.com/blog/security-research/2026/mar/cve-2026-31979-symlink-root-privilege-escalation-himmelblau

View original post

Related Resources

Details

CVE ID: CVE-2026-31979
Severity: High
CVSS Score: 8.8
Type: broken_access_control
Status: unconfirmed
EPSS: 1.7%
Social Posts: 1

CWE

CWE-59

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS Score

1.7%Probability of exploitation in the next 30 days