CVE- 2026-31694 is a critical vulnerability in the Linux kernel related to FUSE that allows local users to exploit a page cache overflow to gain root privileges. The issue has a CVSS score of 7.8 (high) and affects a range of recent Linux kernel versions. It enables attackers to bypass normal restrictions by simply mounting a FUSE filesystem, which many environments permit. Researchers have disclosed the details of the exploit and also released working code for it.
Although no in-the-wild attacks have been confirmed yet, the potential impact on shared servers and containers is significant. The flaw has been patched across several kernel versions, and users are urged to update immediately.