CVE-2021-41387
8.8 HIGHseatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root
Published: 2021-09-17 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 8.8 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-426
Affected products
| Vendor | Product |
|---|---|
| seatd_project | seatd |
Description
seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-53865 — OpenClaw before 2026.5.2 contains a path traversal vulnerability in maintenance task execution that allows workspace-derived service path... (7.1 HIGH)
- CVE-2026-53858 — OpenClaw before 2026.5.2 contains an environment variable injection vulnerability where workspace .env STATE_DIRECTORY could influence bu... (7.1 HIGH)
- CVE-2026-53846 — OpenClaw before 2026.4.29 contains a path traversal vulnerability in the install helper that allows workspace .env files to override the ... (7.1 HIGH)
- CVE-2026-53842 — OpenClaw before 2026.5.2 contains an environment variable injection vulnerability allowing workspace .env files to influence Python runti... (7.1 HIGH)
- CVE-2026-54055 — Kitty is a cross-platform GPU based terminal (5.0 MEDIUM)