Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Ubuntu 25.10 NNCP Critical File Access Issue USN-8359-1

ubuntu
Calendar Grey June 1, 2026
Dist Ubuntu Esm H88
NNCP vulnerability on Ubuntu allows unintended file access. Update your system to mitigate risks from CVE-2025-60020.
NNCP could allow unintended access to files.

Summary

NNCP could allow unintended access to files.

Software Description:

- nncp: package facilitating secure store-and-forward file and mail exchange

Details:

It was discovered that NNCP did not properly sanitize file paths

in packet data during file requesting and file saving operations. A

remote attacker could possibly use this issue to read or write

arbitrary files outside of the intended directory.

Topics%20covered

Topics Covered

security advisory information leak critical Ubuntu file access nncp

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  nncp                            8.11.0-4+deb13u1build0.25.10.1

Ubuntu 24.04 LTS
  nncp                            8.10.0-8ubuntu0.3+esm3
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  nncp                            8.5.0-1ubuntu0.1+esm3
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary
changes.

References

https://ubuntu.com/security/notices/USN-8359-1

CVE-2025-60020

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8359-1

Topics%20covered

Topics Covered

security advisory information leak critical Ubuntu file access nncp

Package Information

https://launchpad.net/ubuntu/+source/nncp/8.11.0-4+deb13u1build0.25.10.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here