EIP-2026-104600
PRE-CVEMacOSXLabs RsyncX 2.1 - Insecure Temporary File Creation
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-104600. PoCs published by Matt Johnston.
AI-analyzed exploit summary The exploit describes a symbolic link attack vulnerability in RsyncX's scheduler component due to insecure temporary file creation in /tmp/cron_rsyncxtmp. A local attacker can manipulate this to overwrite critical files like /etc/crontab by creating a symlink.
Description
MacOSXLabs RsyncX 2.1 - Insecure Temporary File Creation
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Matt Johnston · textlocalosx
https://www.exploit-db.com/exploits/24609
The exploit describes a symbolic link attack vulnerability in RsyncX's scheduler component due to insecure temporary file creation in /tmp/cron_rsyncxtmp. A local attacker can manipulate this to overwrite critical files like /etc/crontab by creating a symlink.
Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target:
RsyncX (version not specified)
No auth needed
Prerequisites:
Local access to the system · RsyncX scheduler component in use
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026