#VU121562 Permissions, Privileges, and Access Controls in CLI - CVE-2026-0775
Published: January 15, 2026
Vulnerability identifier: #VU121562
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-0775
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
CLI
CLI
Software vendor:
npm Inc.
npm Inc.
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to the affected application loads modules from an unsecured location, which leads to security restrictions bypass and privilege escalation.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.