CVE-2026-6970
Description
authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID (GID) differs from their UID, either because the account was created with authd prior to version 0.5.4 or because the primary group was manually changed via the `authctl group set-gid` command, and the user's identity provider record is updated, authd incorrectly resets the user's primary group ID to their UID upon next login. This causes newly created files and directories to be owned by the wrong group, causing denial of service issues, and potentially granting unintended access to other local users and allowing local privilege escalation.
Is your site exposed to CVE-2026-6970?
Run a free security scan — no signup, results in seconds.
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2026-6970? +
How do I check if I'm vulnerable to CVE-2026-6970? +
Related Vulnerabilities
An improper authorization vulnerability exists in the Rockwell Automation affected products that could allow an unauthorized user to sign in. …
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication method …
eLabFTW is an open source electronic lab notebook for research labs. In the context of eLabFTW, an administrator is a …