CVE-2026-35357 — The cp utility in uutils coreutils is vulnerable to an information disclosure race condition. Destination files are initially created with umask-derived permissions (e.g., 0644) before being restricte — CVE Database · The Intelligence Room