NVD HIGH: CVE-2026-44468 — The affected product creates a directory with insecure default permissions durin...

Tuesday, May 26, 2026 at 08:16 AM UTC·Source: NIST NVD

Updated: Monday, June 1, 2026 at 08:00 AM UTC

Executive Summary

The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components.

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-44468

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on May 26, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerabilityNEW

Trump Signs Voluntary AI Cyber Review Order

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/trump-signs-voluntary-ai-cyber-review-order-image_small-6-a-31833.jpg" align=right hspace=4><b>White House Cuts Proposed AI Review Period From 90 Days to 30</b><br>President Trump signed an executive order creating a voluntary framework for evaluating advanced AI systems with significant cybersecurity capabilities, directing NSA,

11m agoBank Info Security

MEDIUMVulnerabilityNEW

White House unveils pared-back AI executive order

The order notes that federal access to the models should be subject to “appropriate confidentiality, cybersecurity, insider-risk, and intellectual-property protection, use, and nondisclosure requirements.”

28m agoThe Record

MEDIUMVulnerabilityNEW

EBA and NYDFS ink stablecoin MoU

The European Banking Authority (EBA) has signed a Memorandum of Understanding (MoU) with the New York State Department of Financial Services (NYDFS) under the Markets in Crypto-Assets Regulation (MiCA).

51m agoFinextra