<p>Posted by Greg via Fulldisclosure on Jul 02</p>1. Advisory information<br> -----------------------<br> Title: Symlink following and TOCTOU in pwnlift upload handler allow arbitrary file write…
| CVE ID | CVE-2026-56815 |
| Vendor | SecLists |
| Affected Product | Multiple Targets |
| Vulnerability Type | Zero-Day Exploit |
| CVSS Score | 8.0 (HIGH) |
| Actively Exploited | ❌ No known exploitation |
| Patch Status | See Vendor Advisory → |
| Reported By | CYBERDUDEBIVASH SENTINEL APEX Intelligence (via fulldisclosure) |
<p>Posted by Greg via Fulldisclosure on Jul 02</p>1. Advisory information<br> -----------------------<br> Title: Symlink following and TOCTOU in pwnlift upload handler allow arbitrary file write as root<br> Advisory: <a rel="nofollow" href="https://github.com/GregDurys/security-advisories">https://github.com/GregDurys/security-advisories</a><br> GHSA: GHSA-2v7v-rhpw-m9w4<br> CVE: CVE-2026-56815<br> Class: CWE-59 (Improper Link Resolution Before File Access), <br> CWE-367 (Time-of-check Time-of-use Race Condit
Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.