Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-32810

Halloy is an IRC application written in Rust. In versions on \*nix and macOS prior to commit f180e41061db393acf65bc99f5c5e7397586d9cb, halloy creates its config directory and files using default umask permissions, which typically results in `0644` on files and `0755` on directories. This allows any local user on the system to read plaintext credentials stored in `config.toml` or referenced `password_file` paths. Commit f180e41061db393acf65bc99f5c5e7397586d9cb patches the issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.3%
CVSS Severity
CVSS v3 Score 5.5
Products affected by CVE-2026-32810
  • Halloy » Halloy » Version: 2023.2
    cpe:2.3:a:halloy:halloy:2023.2
  • Halloy » Halloy » Version: 2023.3
    cpe:2.3:a:halloy:halloy:2023.3
  • Halloy » Halloy » Version: 2023.4
    cpe:2.3:a:halloy:halloy:2023.4
  • Halloy » Halloy » Version: 2023.5
    cpe:2.3:a:halloy:halloy:2023.5
  • Halloy » Halloy » Version: 2024.1
    cpe:2.3:a:halloy:halloy:2024.1
  • Halloy » Halloy » Version: 2024.10
    cpe:2.3:a:halloy:halloy:2024.10
  • Halloy » Halloy » Version: 2024.11
    cpe:2.3:a:halloy:halloy:2024.11
  • Halloy » Halloy » Version: 2024.12
    cpe:2.3:a:halloy:halloy:2024.12
  • Halloy » Halloy » Version: 2024.13
    cpe:2.3:a:halloy:halloy:2024.13
  • Halloy » Halloy » Version: 2024.14
    cpe:2.3:a:halloy:halloy:2024.14
  • Halloy » Halloy » Version: 2024.2
    cpe:2.3:a:halloy:halloy:2024.2
  • Halloy » Halloy » Version: 2024.3
    cpe:2.3:a:halloy:halloy:2024.3
  • Halloy » Halloy » Version: 2024.4
    cpe:2.3:a:halloy:halloy:2024.4
  • Halloy » Halloy » Version: 2024.5
    cpe:2.3:a:halloy:halloy:2024.5
  • Halloy » Halloy » Version: 2024.6
    cpe:2.3:a:halloy:halloy:2024.6
  • Halloy » Halloy » Version: 2024.7
    cpe:2.3:a:halloy:halloy:2024.7
  • Halloy » Halloy » Version: 2024.8
    cpe:2.3:a:halloy:halloy:2024.8
  • Halloy » Halloy » Version: 2024.9
    cpe:2.3:a:halloy:halloy:2024.9
  • Halloy » Halloy » Version: 2025.1
    cpe:2.3:a:halloy:halloy:2025.1
  • Halloy » Halloy » Version: 2025.10
    cpe:2.3:a:halloy:halloy:2025.10
  • Halloy » Halloy » Version: 2025.11
    cpe:2.3:a:halloy:halloy:2025.11
  • Halloy » Halloy » Version: 2025.12
    cpe:2.3:a:halloy:halloy:2025.12
  • Halloy » Halloy » Version: 2025.2
    cpe:2.3:a:halloy:halloy:2025.2
  • Halloy » Halloy » Version: 2025.3
    cpe:2.3:a:halloy:halloy:2025.3
  • Halloy » Halloy » Version: 2025.4
    cpe:2.3:a:halloy:halloy:2025.4
  • Halloy » Halloy » Version: 2025.5
    cpe:2.3:a:halloy:halloy:2025.5
  • Halloy » Halloy » Version: 2025.6
    cpe:2.3:a:halloy:halloy:2025.6
  • Halloy » Halloy » Version: 2025.7
    cpe:2.3:a:halloy:halloy:2025.7
  • Halloy » Halloy » Version: 2025.8
    cpe:2.3:a:halloy:halloy:2025.8
  • Halloy » Halloy » Version: 2025.9
    cpe:2.3:a:halloy:halloy:2025.9
  • Halloy » Halloy » Version: 2026.1
    cpe:2.3:a:halloy:halloy:2026.1
  • Halloy » Halloy » Version: 2026.1.1
    cpe:2.3:a:halloy:halloy:2026.1.1
  • Halloy » Halloy » Version: 2026.2
    cpe:2.3:a:halloy:halloy:2026.2
  • Halloy » Halloy » Version: 2026.3
    cpe:2.3:a:halloy:halloy:2026.3
  • Halloy » Halloy » Version: 2026.4
    cpe:2.3:a:halloy:halloy:2026.4


Products
Pricing
Contact Us

Shodan ® - All rights reserved