Ghostwire

CVE-2026-50130: Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. From...

HIGH CVSS 0.0 EPSS 0.22%

Published: July 14, 2026 | Last Modified: July 14, 2026

Description

Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. From 6.0 to 6.4.2, a user with code execution as the unprivileged pihole user can escalate to root by replacing /etc/pihole/logrotate. The replacement is laundered to root:root ownership by pihole-FTL-prestart.sh and then parsed as root by the daily pihole flush cron, executing firstaction shell as uid 0. This issue is fixed in version 6.4.3.

Ghostwire Analysis — What This Means Practically

Exploitation Probability (EPSS): Low — 0.22% (13th percentile)

Low exploitation probability based on current threat landscape data. Standard patching timeline is appropriate.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (1 articles)

References