CVE-2026-21882 describes a local Privilege Escalation vulnerability within theshit. This flaw allows an attacker to execute arbitrary commands with root privileges due to improper privilege handling during command re-execution. The vulnerability impacts versions prior to 0.2.0, and a fix is available in version 0.2.0.
The vulnerability stems from the application's behavior of automatically re-executing previously failed commands without properly restoring the original user context. When theshit is run with elevated privileges (e.g., using sudo), it records the last executed command and attempts to rerun it. However, the application fails to drop these elevated privileges before re-executing, resulting in the command being executed with root access. This can allow an attacker to gain persistent root access to the system, potentially leading to complete compromise. The impact is significant, as it enables arbitrary code execution with the highest privileges, bypassing standard security controls.
CVE-2026-21882 was publicly disclosed on 2026-03-02. The vulnerability's exploitation context is currently unclear, and no public proof-of-concept (PoC) has been identified. The EPSS score is pending evaluation. It is recommended to prioritize patching due to the potential for significant impact if exploited.
Systems where theshit is deployed and executed with elevated privileges (e.g., using sudo) are at significant risk. This includes development environments, automated build systems, and production servers where theshit is used for administrative tasks. Users who have configured theshit to run with root privileges are particularly vulnerable.
Detection commands listed on the page:

- rust / server: `ps aux | grep theshit`
- rust / supply-chain: `find / -name 'theshit' -type f -print`
- generic web: `curl -I http://localhost/theshit`

Disclosure
Exploit status
EPSS: 0.02% (4th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-21882 is to upgrade to version 0.2.0 or later, which addresses the improper privilege handling. If upgrading immediately is not feasible, consider restricting the use of sudo with theshit to only trusted users and processes. Implement strict input validation and sanitization for any commands passed to theshit to prevent malicious code injection. Monitor system logs for suspicious activity related to theshit, particularly commands executed with elevated privileges. After upgrading, confirm the fix by attempting to re-execute a previously failed command with sudo and verifying that the command is no longer executed with root privileges.
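The flaw described above (re-running a recorded command without first returning to the invoking user's identity) and the post-upgrade check in the mitigation paragraph both come down to one pattern: when a tool is run under sudo, any command it re-executes must be started as the user who invoked sudo, never as root. The Rust program below is an added illustration of that pattern, not theshit's own code and not a description of how theshit implements its fix. It assumes the tool is invoked under sudo, which exports the real `SUDO_UID` and `SUDO_GID` variables, and that the re-run goes through `std::process::Command`; the `/proc/self/status` parsing is Linux-specific. The policy it implements is that a re-run is never performed as root: if the process is root but cannot recover the invoking user, it refuses rather than guesses.

```rust
// Added illustration (not theshit's code): re-run a recorded command
// without inheriting sudo's root identity.  Assumes sudo set SUDO_UID /
// SUDO_GID and that the re-run goes through std::process::Command.
use std::env;
use std::fs;
use std::os::unix::process::CommandExt;
use std::process::{Command, ExitStatus};

/// What the re-execution should do with the current identity.
#[derive(Debug, PartialEq, Eq)]
pub enum Plan {
    /// Not elevated: run the command under the identity we already have.
    Unchanged,
    /// Elevated via sudo: switch the child to the invoking user's ids.
    DropTo { uid: u32, gid: u32 },
}

/// Parse the effective uid out of /proc/<pid>/status text.
/// The "Uid:" line lists real, effective, saved and filesystem uids.
pub fn euid_from_proc_status(status: &str) -> Option<u32> {
    status
        .lines()
        .find(|l| l.starts_with("Uid:"))
        .and_then(|l| l.split_whitespace().nth(2))
        .and_then(|s| s.parse().ok())
}

/// Decide how to re-run, given the effective uid and sudo's environment.
/// Policy: a re-run is never performed as root.  If we are root but cannot
/// recover the invoking user, refuse rather than guess.
pub fn plan_rerun(euid: u32, sudo_uid: Option<&str>, sudo_gid: Option<&str>) -> Result<Plan, String> {
    if euid != 0 {
        // Nothing to drop; the re-run inherits the unprivileged identity.
        return Ok(Plan::Unchanged);
    }
    let parse = |name: &str, v: Option<&str>| -> Result<u32, String> {
        v.ok_or_else(|| format!("running as root but {name} is unset"))?
            .parse::<u32>()
            .map_err(|e| format!("{name} is not a valid id: {e}"))
    };
    let uid = parse("SUDO_UID", sudo_uid)?;
    let gid = parse("SUDO_GID", sudo_gid)?;
    if uid == 0 {
        return Err("invoking user is root; refusing to re-run with root privileges".into());
    }
    Ok(Plan::DropTo { uid, gid })
}

/// Re-run `program args...` under the plan computed from the live process.
pub fn rerun_as_invoker(program: &str, args: &[&str]) -> Result<ExitStatus, String> {
    let status = fs::read_to_string("/proc/self/status").map_err(|e| e.to_string())?;
    let euid = euid_from_proc_status(&status).ok_or("could not read effective uid")?;
    let sudo_uid = env::var("SUDO_UID").ok();
    let sudo_gid = env::var("SUDO_GID").ok();
    let plan = plan_rerun(euid, sudo_uid.as_deref(), sudo_gid.as_deref())?;

    let mut cmd = Command::new(program);
    cmd.args(args);
    if let Plan::DropTo { uid, gid } = plan {
        // CommandExt::gid/uid call setgid/setuid in the child before exec,
        // so the recorded command never runs with the parent's root identity.
        cmd.gid(gid).uid(uid);
    }
    cmd.status().map_err(|e| e.to_string())
}

fn main() {
    // Constructed demo: re-run `id -u`.  Under sudo this prints the invoking
    // user's uid rather than 0; it refuses if that user cannot be determined.
    match rerun_as_invoker("id", &["-u"]) {
        Ok(status) => println!("re-run exited with {status}"),
        Err(e) => eprintln!("re-run refused: {e}"),
    }
}
```

Running the compiled binary as `sudo ./rerun-demo` is the same check the mitigation paragraph asks for after upgrading: the re-run of `id -u` should print the invoking user's uid, not `0`. Setting the group before the user matters, since once the child has given up root it can no longer change its gid.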
Upgrade the theshit utility to version 0.2.0 or later. This fixes the local privilege escalation vulnerability caused by incorrect handling of privilege dropping during command re-execution.
CVE-2026-21882 is a local Privilege Escalation vulnerability in theshit, allowing attackers to gain root access by exploiting improper privilege handling during command re-execution.
You are affected if you are using theshit versions prior to 0.2.0 and the application is executed with elevated privileges.
Upgrade to version 0.2.0 or later to remediate the vulnerability. If immediate upgrade is not possible, restrict sudo usage and implement strict input validation.
Currently, there is no confirmed active exploitation of CVE-2026-21882, but it is recommended to patch promptly due to its potential impact.
Refer to the official theshit project's website or repository for the advisory related to CVE-2026-21882.