Dossier
CVE-2026-43499
Coverage of CVE-2026-43499 in the Nexus archive.
- 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros
Researchers at Nebula Security disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw enabling any logged-in user to gain root control on unpatched systems. The vulnerability has existed in default code across most mainstream Linux distributions since 2011 and requires no special permissions or network access.