CVE-2026-35343

· NIST NVD ↗

The cut utility in uutils coreutils incorrectly handles the -s (only-delimited) option when a newline character is specified as the delimiter. The implementation fails to verify the only_delimited flag in the cut_fields_newline_char_delim function, causing the utility to print non-delimited lines that should have been suppressed. This can lead to unexpected data being passed to downstream scripts that rely on strict output filtering.

LOW
CVSS severity
3.3
CVSS base score
2026-04-22
Published

CWE codes

CWE-670

Affected products

uutils:coreutils

Sources