[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-10010":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":271,"aliases":286,"duplicate_of":9,"upstream":287,"downstream":288,"duplicates":301,"related":302,"reserved_at":9,"published_at":305,"modified_at":306,"state":307,"summary":308,"references_raw":316,"kevs":376,"epss":377,"epss_history":380,"metrics":652,"affected":667},"CVE-2016-10010","sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.",null,[11,18],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"CWE-264","Permissions, Privileges, and Access Controls","Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.","category","Obsolete",[],{"_key":19,"id":19,"name":20,"description":21,"type":22,"status":23,"abstraction":24,"likelihood_of_exploit":25,"capec":26},"CWE-269","Improper Privilege Management","The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.","weakness","Draft","Class","Medium",[27,189,267],{"id":28,"name":29,"techniques":30},"CAPEC-122","Privilege Abuse",[31],{"id":32,"name":33,"tactics":34,"countermeasures":41},"T1548","Abuse Elevation Control Mechanism",[35,38],{"id":36,"name":37},"TA0030","Defense Evasion",{"id":39,"name":40},"TA0111","Privilege Escalation",[42,47,51,55,59,64,68,72,76,80,84,88,92,96,101,105,110,115,119,123,127,132,136,140,144,148,153,157,161,165,169,173,177,181,185],{"id":43,"name":44,"tactic":45},"D3-CI","Configuration Inventory",{"name":46},"Model",{"id":48,"name":49,"tactic":50},"D3-AM","Access Modeling",{"name":46},{"id":52,"name":53,"tactic":54},"D3-DI","Data Inventory",{"name":46},{"id":56,"name":57,"tactic":58},"D3-NTPM","Network Traffic Policy Mapping",{"name":46},{"id":60,"name":61,"tactic":62},"D3-AEM","Application Exception Monitoring",{"name":63},"Detect",{"id":65,"name":66,"tactic":67},"D3-SCA","System Call Analysis",{"name":63},{"id":69,"name":70,"tactic":71},"D3-SFA","System File Analysis",{"name":63},{"id":73,"name":74,"tactic":75},"D3-FA","File Analysis",{"name":63},{"id":77,"name":78,"tactic":79},"D3-FIM","File Integrity Monitoring",{"name":63},{"id":81,"name":82,"tactic":83},"D3-OPM","Operational Process Monitoring",{"name":63},{"id":85,"name":86,"tactic":87},"D3-DA","Dynamic Analysis",{"name":63},{"id":89,"name":90,"tactic":91},"D3-EFA","Emulated File Analysis",{"name":63},{"id":93,"name":94,"tactic":95},"D3-PSA","Process Spawn Analysis",{"name":63},{"id":97,"name":98,"tactic":99},"D3-FEV","File Eviction",{"name":100},"Evict",{"id":102,"name":103,"tactic":104},"D3-AL","Account Locking",{"name":100},{"id":106,"name":107,"tactic":108},"D3-DF","Decoy File",{"name":109},"Deceive",{"id":111,"name":112,"tactic":113},"D3-FE","File Encryption",{"name":114},"Harden",{"id":116,"name":117,"tactic":118},"D3-AA","Agent Authentication",{"name":114},{"id":120,"name":121,"tactic":122},"D3-CDP","Change Default Password",{"name":114},{"id":124,"name":125,"tactic":126},"D3-SCP","System Configuration Permissions",{"name":114},{"id":128,"name":129,"tactic":130},"D3-RC","Restore Configuration",{"name":131},"Restore",{"id":133,"name":134,"tactic":135},"D3-RF","Restore File",{"name":131},{"id":137,"name":138,"tactic":139},"D3-ULA","Unlock Account",{"name":131},{"id":141,"name":142,"tactic":143},"D3-RUAA","Restore User Account Access",{"name":131},{"id":145,"name":146,"tactic":147},"D3-RD","Restore Database",{"name":131},{"id":149,"name":150,"tactic":151},"D3-SCF","System Call Filtering",{"name":152},"Isolate",{"id":154,"name":155,"tactic":156},"D3-CF","Content Filtering",{"name":152},{"id":158,"name":159,"tactic":160},"D3-LFP","Local File Permissions",{"name":152},{"id":162,"name":163,"tactic":164},"D3-RFAM","Remote File Access Mediation",{"name":152},{"id":166,"name":167,"tactic":168},"D3-CQ","Content Quarantine",{"name":152},{"id":170,"name":171,"tactic":172},"D3-CM","Content Modification",{"name":152},{"id":174,"name":175,"tactic":176},"D3-UAP","User Account Permissions",{"name":152},{"id":178,"name":179,"tactic":180},"D3-EAL","Executable Allowlisting",{"name":152},{"id":182,"name":183,"tactic":184},"D3-EDL","Executable Denylisting",{"name":152},{"id":186,"name":187,"tactic":188},"D3-HBPI","Hardware-based Process Isolation",{"name":152},{"id":190,"name":40,"techniques":191},"CAPEC-233",[192],{"id":32,"name":33,"tactics":193,"countermeasures":196},[194,195],{"id":36,"name":37},{"id":39,"name":40},[197,199,201,203,205,207,209,211,213,215,217,219,221,223,225,227,229,231,233,235,237,239,241,243,245,247,249,251,253,255,257,259,261,263,265],{"id":43,"name":44,"tactic":198},{"name":46},{"id":48,"name":49,"tactic":200},{"name":46},{"id":52,"name":53,"tactic":202},{"name":46},{"id":56,"name":57,"tactic":204},{"name":46},{"id":60,"name":61,"tactic":206},{"name":63},{"id":65,"name":66,"tactic":208},{"name":63},{"id":69,"name":70,"tactic":210},{"name":63},{"id":73,"name":74,"tactic":212},{"name":63},{"id":77,"name":78,"tactic":214},{"name":63},{"id":81,"name":82,"tactic":216},{"name":63},{"id":85,"name":86,"tactic":218},{"name":63},{"id":89,"name":90,"tactic":220},{"name":63},{"id":93,"name":94,"tactic":222},{"name":63},{"id":97,"name":98,"tactic":224},{"name":100},{"id":102,"name":103,"tactic":226},{"name":100},{"id":106,"name":107,"tactic":228},{"name":109},{"id":111,"name":112,"tactic":230},{"name":114},{"id":116,"name":117,"tactic":232},{"name":114},{"id":120,"name":121,"tactic":234},{"name":114},{"id":124,"name":125,"tactic":236},{"name":114},{"id":128,"name":129,"tactic":238},{"name":131},{"id":133,"name":134,"tactic":240},{"name":131},{"id":137,"name":138,"tactic":242},{"name":131},{"id":141,"name":142,"tactic":244},{"name":131},{"id":145,"name":146,"tactic":246},{"name":131},{"id":149,"name":150,"tactic":248},{"name":152},{"id":154,"name":155,"tactic":250},{"name":152},{"id":158,"name":159,"tactic":252},{"name":152},{"id":162,"name":163,"tactic":254},{"name":152},{"id":166,"name":167,"tactic":256},{"name":152},{"id":170,"name":171,"tactic":258},{"name":152},{"id":174,"name":175,"tactic":260},{"name":152},{"id":178,"name":179,"tactic":262},{"name":152},{"id":182,"name":183,"tactic":264},{"name":152},{"id":186,"name":187,"tactic":266},{"name":152},{"id":268,"name":269,"techniques":270},"CAPEC-58","Restful Privilege Elevation",[],[272],{"_key":273,"name":274,"source":275,"url":276,"maturity":277,"reliability_score":278,"verified":279,"type":280,"platforms":281,"requires_auth":9,"exploitdb":283,"metasploit":9},"40962","OpenSSH \u003C 7.4 - 'UsePrivilegeSeparation Disabled' Forwarded Unix Domain Sockets Privilege Escalation","exploit-database","https://www.exploit-db.com/exploits/40962","weaponized",0.8,true,"local",[282],"linux",{"verified":279,"type":280,"platform":282,"file":284,"codes":285},"exploits/linux/local/40962.txt",[7],[],[],[289,291,293,295,297,299],{"_key":290},"ALPINE-CVE-2016-10010",{"_key":292},"SUSE-SU-2017:0264-1",{"_key":294},"OPENSUSE-SU-2024:11124-1",{"_key":296},"DEBIAN-CVE-2016-10010",{"_key":298},"UBUNTU-CVE-2016-10010",{"_key":300},"USN-3538-1",[],[303,304],{"_key":292},{"_key":294},"2017-01-05T00:00:00.000Z","2026-05-29T20:22:43.698Z","Modified",{"cisa_kev":309,"cisa_ransomware":309,"cisa_vendor":9,"epss_severity":310,"epss_score":311,"severity":312,"severity_score":4,"severity_version":313,"severity_source":314,"severity_vector":315,"severity_status":307},false,"low",0.00087,"high","v3.1","nvd","CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",[317,323,327,333,337,341,346,350,355,360,364,368,372],{"url":318,"sources":319,"tags":321},"http://www.securityfocus.com/bid/94972",[320,314],"cve.org",[322],"VDB Entry",{"url":324,"sources":325,"tags":326},"https://security.netapp.com/advisory/ntap-20171130-0002/",[320,314],[],{"url":328,"sources":329,"tags":330},"http://www.openwall.com/lists/oss-security/2016/12/19/2",[320,314],[331,332],"Mailing List","Release Notes",{"url":334,"sources":335,"tags":336},"http://www.securitytracker.com/id/1037490",[320,314],[322],{"url":338,"sources":339,"tags":340},"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us",[320,314],[],{"url":342,"sources":343,"tags":344},"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc",[320,314],[345],"Vendor Advisory",{"url":347,"sources":348,"tags":349},"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637",[320,314],[],{"url":351,"sources":352,"tags":353},"https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce",[320,314],[354],"Patch",{"url":356,"sources":357,"tags":358},"https://www.exploit-db.com/exploits/40962/",[320,314],[359],"Exploit",{"url":361,"sources":362,"tags":363},"https://bugs.chromium.org/p/project-zero/issues/detail?id=1010",[320,314],[],{"url":365,"sources":366,"tags":367},"http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html",[320,314],[],{"url":369,"sources":370,"tags":371},"https://www.openssh.com/txt/release-7.4",[320,314],[],{"url":373,"sources":374,"tags":375},"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",[320,314],[],[],{"date":378,"score":311,"percentile":379},"2026-06-04",0.24893,[381,385,388,391,393,396,399,402,405,408,410,413,416,419,422,425,428,431,434,437,440,443,446,449,452,455,458,461,465,468,471,474,477,480,483,486,489,492,495,498,500,504,507,510,513,516,519,522,525,528,531,534,537,540,544,547,550,553,556,560,563,566,569,572,575,578,580,582,585,588,591,594,597,600,603,606,610,613,616,619,622,625,628,631,634,637,640,643,646,649],{"date":382,"score":383,"percentile":384},"2025-11-04",0.0008,0.24307,{"date":386,"score":383,"percentile":387},"2025-11-05",0.2429,{"date":389,"score":383,"percentile":390},"2025-11-06",0.24298,{"date":392,"score":383,"percentile":384},"2025-11-07",{"date":394,"score":383,"percentile":395},"2025-11-08",0.24311,{"date":397,"score":383,"percentile":398},"2025-11-09",0.24268,{"date":400,"score":383,"percentile":401},"2025-11-10",0.24227,{"date":403,"score":383,"percentile":404},"2025-11-11",0.24233,{"date":406,"score":383,"percentile":407},"2025-11-12",0.24265,{"date":409,"score":383,"percentile":398},"2025-11-13",{"date":411,"score":383,"percentile":412},"2025-11-14",0.2426,{"date":414,"score":383,"percentile":415},"2025-11-15",0.24245,{"date":417,"score":383,"percentile":418},"2025-11-16",0.24198,{"date":420,"score":383,"percentile":421},"2025-11-17",0.24153,{"date":423,"score":383,"percentile":424},"2025-11-18",0.19816,{"date":426,"score":383,"percentile":427},"2025-11-19",0.19833,{"date":429,"score":383,"percentile":430},"2025-11-20",0.19811,{"date":432,"score":383,"percentile":433},"2025-11-21",0.24074,{"date":435,"score":383,"percentile":436},"2025-11-22",0.24072,{"date":438,"score":383,"percentile":439},"2025-11-23",0.24021,{"date":441,"score":383,"percentile":442},"2025-11-24",0.2399,{"date":444,"score":383,"percentile":445},"2025-11-25",0.23979,{"date":447,"score":383,"percentile":448},"2025-11-26",0.23963,{"date":450,"score":383,"percentile":451},"2025-11-27",0.23956,{"date":453,"score":383,"percentile":454},"2025-11-28",0.23933,{"date":456,"score":383,"percentile":457},"2025-11-29",0.23913,{"date":459,"score":383,"percentile":460},"2025-11-30",0.23892,{"date":462,"score":463,"percentile":464},"2025-12-01",0.0014,0.34798,{"date":466,"score":463,"percentile":467},"2025-12-02",0.34809,{"date":469,"score":463,"percentile":470},"2025-12-03",0.34807,{"date":472,"score":383,"percentile":473},"2025-12-04",0.23896,{"date":475,"score":383,"percentile":476},"2025-12-05",0.23945,{"date":478,"score":383,"percentile":479},"2025-12-06",0.23944,{"date":481,"score":383,"percentile":482},"2025-12-07",0.23908,{"date":484,"score":383,"percentile":485},"2025-12-08",0.23915,{"date":487,"score":383,"percentile":488},"2025-12-09",0.23974,{"date":490,"score":383,"percentile":491},"2025-12-10",0.24044,{"date":493,"score":383,"percentile":494},"2025-12-11",0.24066,{"date":496,"score":383,"percentile":497},"2025-12-12",0.24082,{"date":499,"score":383,"percentile":497},"2025-12-13",{"date":501,"score":502,"percentile":503},"2025-12-14",0.00093,0.2665,{"date":505,"score":502,"percentile":506},"2025-12-15",0.26621,{"date":508,"score":502,"percentile":509},"2025-12-16",0.2663,{"date":511,"score":502,"percentile":512},"2025-12-17",0.2669,{"date":514,"score":502,"percentile":515},"2025-12-18",0.26741,{"date":517,"score":502,"percentile":518},"2025-12-19",0.26751,{"date":520,"score":502,"percentile":521},"2025-12-20",0.26723,{"date":523,"score":502,"percentile":524},"2025-12-21",0.26684,{"date":526,"score":502,"percentile":527},"2025-12-22",0.26652,{"date":529,"score":502,"percentile":530},"2025-12-23",0.26622,{"date":532,"score":502,"percentile":533},"2025-12-24",0.26638,{"date":535,"score":502,"percentile":536},"2025-12-25",0.26712,{"date":538,"score":502,"percentile":539},"2025-12-26",0.26702,{"date":541,"score":542,"percentile":543},"2025-12-27",0.00139,0.34656,{"date":545,"score":502,"percentile":546},"2025-12-28",0.26574,{"date":548,"score":502,"percentile":549},"2025-12-29",0.26541,{"date":551,"score":502,"percentile":552},"2025-12-30",0.26539,{"date":554,"score":502,"percentile":555},"2025-12-31",0.266,{"date":557,"score":558,"percentile":559},"2026-01-01",0.00142,0.35121,{"date":561,"score":558,"percentile":562},"2026-01-02",0.35114,{"date":564,"score":558,"percentile":565},"2026-01-03",0.35098,{"date":567,"score":502,"percentile":568},"2026-01-04",0.26587,{"date":570,"score":502,"percentile":571},"2026-01-05",0.26575,{"date":573,"score":502,"percentile":574},"2026-01-06",0.26582,{"date":576,"score":502,"percentile":577},"2026-01-07",0.26609,{"date":579,"score":502,"percentile":527},"2026-01-08",{"date":581,"score":502,"percentile":533},"2026-01-09",{"date":583,"score":502,"percentile":584},"2026-01-10",0.26611,{"date":586,"score":502,"percentile":587},"2026-01-11",0.26588,{"date":589,"score":502,"percentile":590},"2026-01-12",0.26543,{"date":592,"score":502,"percentile":593},"2026-01-13",0.26525,{"date":595,"score":502,"percentile":596},"2026-01-14",0.26569,{"date":598,"score":502,"percentile":599},"2026-01-15",0.26566,{"date":601,"score":502,"percentile":602},"2026-01-16",0.26598,{"date":604,"score":502,"percentile":605},"2026-01-17",0.26602,{"date":607,"score":608,"percentile":609},"2026-01-18",0.00095,0.27131,{"date":611,"score":608,"percentile":612},"2026-01-19",0.27089,{"date":614,"score":608,"percentile":615},"2026-01-20",0.27072,{"date":617,"score":608,"percentile":618},"2026-01-21",0.27019,{"date":620,"score":608,"percentile":621},"2026-01-22",0.26996,{"date":623,"score":502,"percentile":624},"2026-01-23",0.26493,{"date":626,"score":502,"percentile":627},"2026-01-24",0.26494,{"date":629,"score":502,"percentile":630},"2026-01-25",0.26415,{"date":632,"score":502,"percentile":633},"2026-01-26",0.2633,{"date":635,"score":502,"percentile":636},"2026-01-27",0.26314,{"date":638,"score":502,"percentile":639},"2026-01-28",0.26307,{"date":641,"score":502,"percentile":642},"2026-01-29",0.26264,{"date":644,"score":502,"percentile":645},"2026-01-30",0.26258,{"date":647,"score":502,"percentile":648},"2026-01-31",0.26257,{"date":650,"score":558,"percentile":651},"2026-02-01",0.34696,[653,665],{"source":314,"cvss_v2_0":654,"cvss_v3_0":659,"cvss_v3_1":664,"cvss_v4_0":9},{"baseScore":655,"baseSeverity":9,"vectorString":656,"impactScore":657,"exploitabilityScore":658},6.9,"AV:L/AC:M/Au:N/C:C/I:C/A:C",10,3.4,{"baseScore":4,"baseSeverity":660,"vectorString":661,"impactScore":662,"exploitabilityScore":663},"HIGH","CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",9.8,2.6,{"baseScore":4,"baseSeverity":660,"vectorString":315,"impactScore":662,"exploitabilityScore":663},{"source":320,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":666,"cvss_v4_0":9},{"baseScore":4,"baseSeverity":660,"vectorString":315,"impactScore":662,"exploitabilityScore":663},[668],{"ecosystem":9,"name":669,"vendor":670,"product":669,"cpe_part":671,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":672},"openssh","openbsd","a",[673],{"version":674,"is_range":279,"range_type":675,"version_start":9,"version_start_type":9,"version_end":676,"version_end_type":677,"fixed_in":9},"lte7.3","cpe","7.3","including"]