CWE-403: Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')
Also known as: File descriptor leak
A process does not close sensitive file descriptors before invoking a child process, which allows the child to perform unauthorized I/O operations using those descriptors.
Overview
fork() gives the child process a copy of every file descriptor the parent has open, and exec() keeps all of them except those marked close-on-exec (FD_CLOEXEC, set with O_CLOEXEC at open time or later with fcntl(F_SETFD)). A descriptor carries the access rights that were checked when the file was opened, not the privileges of whoever holds it now. So when the child runs with fewer privileges than the parent (a worker that has dropped root, a plugin, a shell spawned through system() or popen()), it can keep reading or writing a file it could not open by itself, as long as the parent failed to close or mark that descriptor before spawning it.
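The leak and its fix, as an added example that is not part of the CWE entry: the parent opens a constructed secret file, then spawns /bin/sh, which tries to read the inherited descriptor through the redirection "cat <&N" (the descriptor number is passed in the command string). Without close-on-exec the child copies the secret out; with FD_CLOEXEC set the descriptor is gone after exec() and the child gets nothing. The file path, secret value and helper names are assumptions made for this example.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed secret for the example; in a real program this would be the
 * contents of a credential file, a raw device, or a database socket. */
static const char SECRET[] = "db_password=hunter2\n";

/* Create and open a temporary file holding SECRET and return its descriptor.
 * With cloexec != 0 the descriptor is marked FD_CLOEXEC (the same effect as
 * passing O_CLOEXEC to open(2)), so a later exec() closes it automatically. */
int open_secret(int cloexec) {
    char path[] = "/tmp/cwe403-XXXXXX";   /* assumed writable location */
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);                          /* keep only the descriptor */
    if (write(fd, SECRET, sizeof SECRET - 1) != (ssize_t)(sizeof SECRET - 1) ||
        lseek(fd, 0, SEEK_SET) != 0) {
        close(fd);
        return -1;
    }
    if (cloexec && fcntl(fd, F_SETFD, FD_CLOEXEC) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Spawn a shell child that tries to read inherited descriptor `fd` and return
 * 1 if the child managed to copy SECRET out, 0 if it got nothing, -1 on error.
 * The child's stdout goes through a pipe so the parent can inspect it; the
 * dup2() onto fd 1 creates a fresh descriptor without FD_CLOEXEC, which is
 * exactly how the descriptors a child legitimately needs should be handed over. */
int child_can_read_secret(int fd) {
    int pipefd[2];
    if (pipe(pipefd) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char cmd[64];
        /* "<&N" dups descriptor N onto stdin; it fails if N is not open. */
        snprintf(cmd, sizeof cmd, "exec 2>/dev/null; cat <&%d", fd);
        dup2(pipefd[1], STDOUT_FILENO);
        close(pipefd[0]);
        close(pipefd[1]);
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);
    }
    close(pipefd[1]);
    char buf[256];
    ssize_t total = 0, n;
    while ((n = read(pipefd[0], buf + total, sizeof buf - 1 - total)) > 0)
        total += n;
    close(pipefd[0]);
    waitpid(pid, NULL, 0);
    buf[total] = '\0';
    return strcmp(buf, SECRET) == 0;
}

/* Run the whole scenario once: open the secret (leaky or hardened), spawn
 * the child, close the parent's copy. Returns what child_can_read_secret did. */
int leak_demo(int cloexec) {
    int fd = open_secret(cloexec);
    if (fd < 0) return -1;
    int leaked = child_can_read_secret(fd);
    close(fd);
    return leaked;
}

int main(void) {
    printf("without FD_CLOEXEC: child read secret = %d\n", leak_demo(0));
    printf("with    FD_CLOEXEC: child read secret = %d\n", leak_demo(1));
    return 0;
}
```

The check a reviewer would apply to real code is the same as the hardened branch here: every open(), socket(), pipe() or accept() whose result is not meant for a child should use O_CLOEXEC / SOCK_CLOEXEC / pipe2(O_CLOEXEC) / accept4(SOCK_CLOEXEC), and the descriptors the child does need are passed by dup2() onto fixed numbers (0, 1, 2) rather than by leaving everything open.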
Real-world CVEs
4 recorded CVEs are caused by CWE-403 (Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')). The highest-severity and most recent are shown first. 1 new CWE-403 CVE has been recorded so far in 2026 (3 in 2025).
- CVE-2026-40042: Pachno 1.0.6 Wiki TextParser XML External Entity Injection. Critical · CVSS 9.8 · EPSS 25th percentile · 2026-04-13
- CVE-2025-15114: Ksenia Security lares Home Automation 1.6 PIN Exposure Vulnerability. Critical · CVSS 9.8 · EPSS 11th percentile · 2025-12-30
- CVE-2024-58280: CMSimple 5.15 Remote Command Execution via Extensions Configuration