CVE-2025-13566
📋 TL;DR
A double-free vulnerability exists in the nnn file manager up to version 5.1, specifically in the show_content_in_floating_window/run_cmd_as_plugin function. This allows local attackers to potentially execute arbitrary code or cause denial of service. Only users running nnn on their local systems are affected.
💻 Affected Systems
- jarun nnn file manager
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation leading to full system compromise via arbitrary code execution.
Likely Case
Application crash (denial of service) or limited memory corruption.
If Mitigated
No impact with proper patching or workarounds in place.
🎯 Exploit Status
Exploitation requires local access and specific user interaction with nnn's floating window functionality. No public exploit code has been identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version after commit 2f07ccdf21e705377862e5f9dfa31e1694979ac7
Vendor Advisory: https://github.com/jarun/nnn/commit/2f07ccdf21e705377862e5f9dfa31e1694979ac7
Restart Required: No
Instructions:
1. Update nnn to the latest version from the official repository.
2. For source installations: git pull from https://github.com/jarun/nnn and rebuild.
3. For package managers: use your distribution's package manager to update nnn.
🔧 Temporary Workarounds
Disable floating window functionality
Linux: Avoid using the floating window feature that triggers the vulnerable code path
Avoid using 'F' key or similar floating window triggers in nnn
🧯 If You Can't Patch
- Restrict local user access to systems running vulnerable nnn versions
- Implement strict privilege separation and run nnn with minimal privileges
🔍 How to Verify
Check if Vulnerable:
Run 'nnn -v' and check whether the reported version is 5.1 or earlier
Check Version:
nnn -v
Verify Fix Applied:
Verify that the nnn version is newer than 5.1, or check that commit 2f07ccdf21e705377862e5f9dfa31e1694979ac7 is present in the source tree
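The two checks above (version in the affected range, fix commit present in a source checkout) as one script. This is an added example, not code from the advisory or from the nnn project; the affected range (5.1 and earlier) and the fix commit hash are taken from the advisory, the function names are mine, and `git merge-base --is-ancestor` is the standard git way to ask whether a commit is reachable from HEAD. The version string is passed in rather than captured inside the function so the logic can be exercised without nnn installed.

```shell
#!/bin/sh
# Added example (not from the advisory or the nnn project): classify an nnn
# version string against the advisory's affected range and look for the fix
# commit in a source checkout.

FIX_COMMIT=2f07ccdf21e705377862e5f9dfa31e1694979ac7   # fix commit named by the advisory
LAST_VULN_MAJOR=5                                      # advisory: 5.1 and earlier are affected
LAST_VULN_MINOR=1

# nnn_version_vulnerable VERSION
# Returns 0 if VERSION is 5.1 or earlier, 1 if newer, 2 if no major.minor could be parsed.
nnn_version_vulnerable() {
    v=$(printf '%s' "$1" | sed -n 's/^[^0-9]*\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p')
    [ -n "$v" ] || return 2
    set -- $v                      # split "MAJOR MINOR" into $1 $2
    major=$1; minor=$2
    if [ "$major" -lt "$LAST_VULN_MAJOR" ]; then return 0; fi
    if [ "$major" -gt "$LAST_VULN_MAJOR" ]; then return 1; fi
    [ "$minor" -le "$LAST_VULN_MINOR" ]
}

# nnn_fix_commit_present [REPO_DIR]
# Returns 0 when the fix commit is an ancestor of HEAD in the checkout, 1 otherwise
# (also 1 when the directory is not a git repository or the commit is not known there).
nnn_fix_commit_present() {
    git -C "${1:-.}" merge-base --is-ancestor "$FIX_COMMIT" HEAD 2>/dev/null
}

# nnn_report VERSION [REPO_DIR]: one human-readable line combining both checks.
nnn_report() {
    ver=$1; repo=${2:-}
    rc=0; nnn_version_vulnerable "$ver" || rc=$?
    case $rc in
        0) status="AFFECTED: nnn $ver is 5.1 or earlier" ;;
        1) status="not in affected range: nnn $ver is newer than 5.1" ;;
        *) status="could not parse version string: '$ver'" ;;
    esac
    if [ -n "$repo" ]; then
        if nnn_fix_commit_present "$repo"; then
            status="$status; fix commit present in $repo"
        else
            status="$status; fix commit NOT found in $repo"
        fi
    fi
    printf '%s\n' "$status"
}

# Live use (the advisory's own version check is 'nnn -v'); the source path is an example:
#   nnn_report "$(nnn -v 2>&1 | head -n 1)" "$HOME/src/nnn"
```

For a packaged build there is no checkout to inspect, so only the version test applies; distributions often backport fixes without bumping the version, so treat a "5.1 or earlier" result from a distro package as "check the package changelog" rather than as proof of exposure.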
📡 Detection & Monitoring
Log Indicators:
- Segmentation faults or abnormal termination of nnn process
- Memory corruption errors in system logs
Network Indicators:
- None - this is a local-only vulnerability
SIEM Query:
Process termination events for nnn with exit code indicating segmentation fault
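The log indicators above, turned into a filter that can run over journal or syslog text. This is an added example, not part of the advisory; the log lines in `sample_log` are constructed for the dry run, not real telemetry. It keys on the two places a SIGSEGV crash normally shows up on a Linux host: the kernel's "segfault at" message and systemd-coredump's "dumped core" message, both of which carry the process name, so crashes of other programs are not counted. A shell exit code of 139 (128 + signal 11) is the same event seen from the parent process and would be matched the same way if your logs record it.

```shell
#!/bin/sh
# Added example (not from the advisory or the nnn project): pick nnn crash
# indicators out of syslog/journal text on stdin.

# Kernel segfault line for an nnn process, or a systemd-coredump line for it.
NNN_SEGV_PATTERN='nnn\[[0-9]+\]: segfault at |Process [0-9]+ \(nnn\) of user [0-9]+ dumped core'

# nnn_segfault_lines: print only the lines indicating an nnn crash.
nnn_segfault_lines() {
    grep -E "$NNN_SEGV_PATTERN" || true
}

# nnn_segfault_count: print how many nnn crash lines the input holds (0 when none).
nnn_segfault_count() {
    n=$(grep -cE "$NNN_SEGV_PATTERN") || true
    printf '%s\n' "${n:-0}"
}

# sample_log: constructed log lines for a dry run. Two are nnn crashes; the sshd
# line and the vim segfault must not be counted.
sample_log() {
    cat <<'EOF'
Nov 20 10:01:02 host kernel: nnn[4242]: segfault at 0 ip 000055d1c3a1b2c4 sp 00007ffd0a0b0c10 error 4 in nnn[55d1c3a00000+40000]
Nov 20 10:01:02 host systemd-coredump[4250]: Process 4242 (nnn) of user 1000 dumped core.
Nov 20 10:05:00 host sshd[300]: Accepted publickey for alice from 192.0.2.10 port 50000 ssh2
Nov 20 10:06:11 host kernel: vim[5000]: segfault at 8 ip 000055aa00000000 sp 00007ffd00000000 error 4 in vim[55aa00000000+200000]
EOF
}

# Live use on a systemd host:
#   journalctl -k --since today | nnn_segfault_lines
#   journalctl --since today | nnn_segfault_count
```

A single nnn segfault is weak evidence on its own (the program may simply have hit a bug); what matters for this CVE is a crash that coincides with use of the floating window feature, so pair the count with the user's shell history or the session timeline before escalating.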