CVE-2026-35343
Improper Output Filtering in uutils coreutils cut Utility
Publication date: 2026-04-22
Last updated on: 2026-05-04
Assigner: Canonical Ltd.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| uutils | coreutils | before 0.7.0 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-670 | The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in the cut utility of uutils coreutils where the -s (only-delimited) option is incorrectly handled when a newline character is used as the delimiter.
Specifically, the implementation does not verify the only_delimited flag in the cut_fields_newline_char_delim function, which causes the utility to print lines that are not delimited, even though they should have been suppressed.
This flaw can result in unexpected data being output and passed to downstream scripts that expect strict filtering based on delimiters.
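A simplified Rust model of the flaw described above, added here as an illustration; it is not the uutils source. The function names, the sample input, and the rule that a newline-delimited input with only one field counts as non-delimited are assumptions of this sketch.

```rust
// Model assumption: with '\n' as the delimiter the whole input is one record and
// every line is a field, so a record with a single field is "non-delimited".
fn split_fields(input: &[u8]) -> Vec<&[u8]> {
    if input.is_empty() {
        return Vec::new();
    }
    let body = input.strip_suffix(b"\n").unwrap_or(input);
    body.split(|&b| b == b'\n').collect()
}

// Emit the requested 1-based fields, newline-separated and newline-terminated.
fn select(fields: &[&[u8]], wanted: &[usize]) -> Vec<u8> {
    let mut out = Vec::new();
    let mut first = true;
    for &n in wanted {
        // Field 0 and fields past the end of the record select nothing.
        if let Some(f) = n.checked_sub(1).and_then(|i| fields.get(i)) {
            if !first {
                out.push(b'\n');
            }
            first = false;
            out.extend_from_slice(f);
        }
    }
    out.push(b'\n');
    out
}

// Flawed path: the -s flag is accepted but never consulted (the CWE-670 pattern).
pub fn cut_flawed(input: &[u8], wanted: &[usize], _only_delimited: bool) -> Vec<u8> {
    select(&split_fields(input), wanted)
}

// Corrected path: with -s, a record that contains no delimiter is suppressed.
pub fn cut_fixed(input: &[u8], wanted: &[usize], only_delimited: bool) -> Vec<u8> {
    let fields = split_fields(input);
    if only_delimited && fields.len() <= 1 {
        return Vec::new();
    }
    select(&fields, wanted)
}

fn main() {
    let input = b"untagged\n"; // constructed sample: one field, no delimiter
    println!("flawed: {:?}", String::from_utf8_lossy(&cut_flawed(input, &[1], true)));
    println!("fixed:  {:?}", String::from_utf8_lossy(&cut_fixed(input, &[1], true)));
}
```

Under this model the two paths differ only for non-delimited input with -s set; delimited input produces the same output from both.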
How can this vulnerability impact me?
This vulnerability can impact you by causing the cut utility to output lines that should have been suppressed, leading to unexpected or incorrect data being passed to downstream scripts or processes.
If your workflows or scripts rely on the strict filtering of data using the -s option with newline delimiters, this flaw could cause them to process unintended data, potentially leading to errors or incorrect results.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability in the cut utility causes it to incorrectly handle the -s option with newline delimiters, resulting in non-delimited lines being printed when they should be suppressed.
This behavior can lead to unexpected data being passed to downstream scripts that rely on strict output filtering.
Such unintended data leakage or improper filtering could potentially impact compliance with data protection standards and regulations like GDPR or HIPAA, which require strict control over data handling and processing.
However, the provided information does not explicitly discuss compliance impacts or regulatory considerations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves the incorrect handling of the -s (only-delimited) option in the uutils coreutils cut utility when the delimiter is a newline character. Detection would involve verifying if the cut utility version in use exhibits this incorrect behavior by testing the output of cut commands that use the -s flag with newline delimiters.
A practical approach to detect the vulnerability is to run a cut command with the -s option and a newline delimiter on input containing lines both with and without the delimiter, then check if non-delimited lines are incorrectly printed.
Example command to test the behavior:
- echo -e "line1\nline2\nline3" | cut -s -d $'\n' -f 2
If the utility prints lines that do not contain the delimiter (non-delimited lines), it indicates the vulnerability is present.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update the uutils coreutils package to a version that includes the fix for CVE-2026-35343, such as the Rust Coreutils version 0.7.0 or later.
This update corrects the handling of the -s flag with newline delimiters and includes multiple performance and safety improvements.
If immediate updating is not possible, avoid using the cut utility with the -s option and newline delimiters in scripts or workflows to prevent unexpected data leakage.