GHSA-9g7j-rcqf-cpcx · Severity: low — GNU nano creates the user’s ~/.local directory with overly permissive permissions when the...
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Conclusion & alert: This CVE is rejected; it is not tracked as an active vulnerability. Mandatory action: Do not treat as an active exposure for patching queues—follow the CVE record status and authoritative vendor or program statements only.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
EPSS has not published a score for this CVE yet—common while NVD analysis or FIRST scoring is still pending. Monitor daily updates and reassess once scores appear.
CVSS metrics for this CVE.
No CVSS data in dataset for this CVE.
GHSA-9g7j-rcqf-cpcx · Severity: low — GNU nano creates the user’s ~/.local directory with overly permissive permissions when the...
| vendor | priority | summary | link |
|---|---|---|---|
debian
|
not yet assigned | CVE-2026-40556 not yet assigned priority: Debian including 1 source packages (nano), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): open 3, resolved 2. | https://security-tracker.debian.org/tracker/CVE-2026-40556 |
ubuntu
|
medium | CVE-2026-40556 medium priority: Ubuntu including 1 source packages (nano), 9 status rows across 9 suites (bionic, focal, jammy, noble, questing, resolute, trusty, upstream, xenial): not-affected 8, released 1. | https://ubuntu.com/security/CVE-2026-40556 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| No affected products in dataset. | |||
| URL | Tags |
|---|---|
| No references in dataset. | |