npm CLI 10.9.0 LPE via Unsecured Module Loading
CVE-2026-0775 Published on January 23, 2026

npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of npm cli. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of modules: the application loads modules from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of a target user. Was ZDI-CAN-25430.

NVD

Vulnerability Analysis

CVE-2026-0775 can be exploited with local system access and requires a small amount of user privileges. This vulnerability is considered to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector: LOCAL
Attack Complexity: HIGH
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

Weakness Type

Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. When a resource is given a permissions setting that provides access to a wider range of actors than required, it could lead to the exposure of sensitive information, or the modification of that resource by unintended parties. This is especially dangerous when the resource is related to program configuration, execution or sensitive user data.
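The weakness description above is generic, so here is the concrete check a defender would run against an npm installation: walk the directories Node resolves modules from and flag any entry an unprivileged local user could replace (world- or group-writable files and directories, or entries owned by an unexpected uid), plus any writable ancestor directory that would let a user swap the whole tree. This is an added example, not code from the advisory, ZDI, or the npm project; the `npm root -g` lookup, the trusted-uid set and the constructed demo tree are assumptions made for illustration.

```python
#!/usr/bin/env python3
"""Audit npm/Node module directories for permissions an unprivileged user could abuse.

Added example, not part of the advisory or the npm project. Module search
paths, the trusted-uid set and the demo tree below are assumptions.
"""
import os
import stat
import subprocess
import sys
import tempfile
from dataclasses import dataclass


@dataclass
class Finding:
    path: str
    reason: str
    mode: str   # rendered like `ls -l`, e.g. drwxrwxrwx
    uid: int


def npm_global_root():
    """Return npm's global module root via `npm root -g`, or [] if npm is absent."""
    try:
        out = subprocess.run(["npm", "root", "-g"], capture_output=True,
                             text=True, check=True, timeout=15).stdout
    except (OSError, subprocess.SubprocessError):
        return []
    return [line for line in out.splitlines() if line.strip()]


def check_entry(path, trusted_uids):
    """Return a Finding for one entry, or None if only trusted users can alter it."""
    st = os.lstat(path)
    perms = stat.filemode(st.st_mode)
    if st.st_uid not in trusted_uids:
        return Finding(path, f"owned by uid {st.st_uid}, not in trusted set", perms, st.st_uid)
    if stat.S_ISLNK(st.st_mode):
        return None  # link modes are meaningless; the target is checked on its own
    if st.st_mode & stat.S_IWOTH:
        return Finding(path, "world-writable", perms, st.st_uid)
    if st.st_mode & stat.S_IWGRP:
        return Finding(path, "group-writable", perms, st.st_uid)
    return None


def audit_tree(root, trusted_uids=(0,)):
    """Walk root (without following symlinks) and collect every weak entry."""
    findings = []
    if not os.path.isdir(root):
        return findings
    f = check_entry(root, trusted_uids)
    if f:
        findings.append(f)
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            f = check_entry(os.path.join(dirpath, name), trusted_uids)
            if f:
                findings.append(f)
    return findings


def audit_parents(path, trusted_uids=(0,)):
    """Flag ancestors a user could rename/replace. Sticky world-writable dirs
    (like /tmp) are tolerated: other users cannot rename entries there."""
    findings, cur = [], os.path.abspath(path)
    while True:
        parent = os.path.dirname(cur)
        if parent == cur:
            return findings
        st = os.lstat(parent)
        perms = stat.filemode(st.st_mode)
        if st.st_uid not in trusted_uids:
            findings.append(Finding(parent, f"ancestor owned by uid {st.st_uid}", perms, st.st_uid))
        elif st.st_mode & stat.S_IWOTH and not st.st_mode & stat.S_ISVTX:
            findings.append(Finding(parent, "world-writable ancestor without sticky bit", perms, st.st_uid))
        cur = parent


def build_demo_tree():
    """Constructed fixture: one sane package and one world-writable package dir.
    Returns (root, owning uid) so callers can pass the uid as trusted."""
    root = tempfile.mkdtemp(prefix="npm-audit-demo-")
    os.chmod(root, 0o755)
    os.mkdir(os.path.join(root, "safe_pkg"), 0o755)
    with open(os.path.join(root, "safe_pkg", "index.js"), "w") as fh:
        fh.write("module.exports = {};\n")
    os.chmod(os.path.join(root, "safe_pkg", "index.js"), 0o644)
    os.mkdir(os.path.join(root, "writable_pkg"))
    os.chmod(os.path.join(root, "writable_pkg"), 0o777)
    return root, os.getuid()


def main(argv):
    roots = argv[1:] or npm_global_root()
    trusted = (0, os.getuid())  # assumption: root and the invoking user are trusted
    total = 0
    for root in roots:
        for f in audit_parents(root, trusted) + audit_tree(root, trusted):
            print(f"{f.mode} uid={f.uid} {f.path}: {f.reason}")
            total += 1
    print(f"{total} finding(s) across {len(roots)} root(s)")
    return 1 if total else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with no arguments to audit the global npm root, or pass specific directories (for example a project's `node_modules` or a custom `NODE_PATH` entry). A non-zero exit means at least one entry is writable or owned by someone outside the trusted set; the fix is to restore ownership and `chmod o-w,g-w` the tree rather than to change the loader.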


Affected Versions

npm cli
Red Hat Confidential Compute Attestation
Red Hat Cryostat 4
Logging Subsystem for Red Hat OpenShift
Red Hat Migration Toolkit for Containers
Red Hat Multicluster Engine for Kubernetes
Red Hat Network Observability Operator
Red Hat Node HealthCheck Operator
Red Hat OpenShift Lightspeed
Red Hat OpenShift Pipelines
Red Hat OpenShift Serverless
Red Hat 3scale API Management Platform 2
Red Hat Advanced Cluster Management for Kubernetes 2
Red Hat AMQ Broker 7
Red Hat Ansible Automation Platform 2
Red Hat build of Apache Camel - HawtIO 4
Red Hat Connectivity Link 1
Red Hat Developer Hub
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9
Red Hat Enterprise Linux AI (RHEL AI) 3
Red Hat Fuse 7
Red Hat JBoss Enterprise Application Platform 7
Red Hat JBoss Enterprise Application Platform 8
Red Hat JBoss Enterprise Application Platform Expansion Pack
Red Hat OpenShift AI (RHOAI)
Red Hat OpenShift Container Platform 4
Red Hat Openshift Data Foundation 4
Red Hat OpenShift Dev Spaces
Red Hat OpenShift GitOps
Red Hat Quay 3
Red Hat Satellite 6
Red Hat Single Sign-On 7
Red Hat Trusted Artifact Signer

Exploit Probability

EPSS: 0.25%
Percentile: 15.79%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.