CVE-2025-5791

High CVSS 7.1

Overview

A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list.

CWE: CWE-266 Published: 2025-06-06T14:15:23.137

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.1 (HIGH)
Detected tags: priv_esc (tag impact: HIGH)

Recommended actions:

Fix privilege escalation urgently.
Enforce least-privilege and strengthen EDR detection.

Overview

Recommended tools

Tags