Critical sed Vulnerability in Ubuntu Could Allow File Overwrites
Severity: High (Score: 72.5)
Sources: Linuxsecurity, Ubuntu
Summary
A critical security vulnerability has been identified in the GNU stream editor (sed) affecting multiple Ubuntu releases, including 26.04 LTS, 25.10, 24.04 LTS, and 22.04 LTS. Discovered by Michał Majchrowicz and Marcin Wyczechowski, the flaw arises from sed's improper handling of symbolic links during in-place edits. This vulnerability, identified as CVE-2026-5958, could allow local attackers to overwrite arbitrary files on affected systems.
Users are advised to update to the latest package versions to mitigate this risk. The vulnerability was published on April 20, 2026, and poses significant security concerns for users of the affected Ubuntu versions. A standard system update will resolve the issue. The affected sed versions are 4.9-2ubuntu1 for Ubuntu 26.04 LTS, and earlier versions for the other releases. Immediate action is recommended to prevent potential exploitation.
Key Points
- Critical vulnerability in sed affects multiple Ubuntu versions.
- Local attackers can exploit the flaw to overwrite arbitrary files.
- Users must update to specific package versions to mitigate the risk.
Key Entities
- CVE-2026-5958 (cve)
- CWE-362 - Race Condition (cwe)
- T1485 - Data Destruction (mitre_attack)
- GNU Sed (platform)
- Ubuntu (company)
- Sed In-place Edits Symbolic Links Vulnerability (vulnerability)