CVE-2026-41433 - OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR
CVE ID :CVE-2026-41433 Published : April 24, 2026, 7:26 p.m. | 31 minutes ago Description :OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker controlli
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] potential crucial vulnerability?
- [CYBER] Firestarter malware survives Cisco firewall updates, security patches
- [CYBER] Second Interview
- [CYBER] Detect Shulfar Malware Encrypted TCP C&C Traffic Using PacketSmith Yara-X Detection Module
- [CYBER] Hand off from SentinelOne to Insurance Provider's DFIR
- [CYBER] Metasploit Wrap-Up 04/25/2026