EIP-2026-103009
PRE-CVESudo 1.6.8p9 - SHELLOPTS/PS4 Environment Variables Privilege Escalation
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-103009. PoCs published by Breno Silva Pinto.
AI-analyzed exploit summary This exploit leverages a vulnerability in sudo versions prior to 1.6.8p10 to escalate privileges to root. It manipulates the SHELLOPTS and PS4 environment variables to execute arbitrary commands with root privileges via a sudo-enabled script.
Description
Sudo 1.6.8p9 - SHELLOPTS/PS4 Environment Variables Privilege Escalation
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Breno Silva Pinto · textlocallinux
https://www.exploit-db.com/exploits/1310
This exploit leverages a vulnerability in sudo versions prior to 1.6.8p10 to escalate privileges to root. It manipulates the SHELLOPTS and PS4 environment variables to execute arbitrary commands with root privileges via a sudo-enabled script.
Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target:
sudo < 1.6.8p10
Auth required
Prerequisites:
sudo access to execute a specific script · ability to set environment variables
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026