Ubuntu USN · USN-8394-1

YARD vulnerability

Published: Fri, 05 Jun 2026 08:11

CVE-2026-41493

Summary

YARD could be made to expose sensitive information over the network.

Details

It was discovered that YARD incorrectly sanitized paths in its built-in documentation server. An attacker could possibly use this issue to read arbitrary files from the server host.

Recommended actions per Ubuntu release

StackPatch playbook auto-generated per release codename and per affected package.

Ubuntu bionic

yard→0.9.12-2ubuntu0.1~esm2apt_upgrade_esm
Fixed at 0.9.12-2ubuntu0.1~esm2 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard=0.9.12-2ubuntu0.1~esm2
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.
yard→0.9.12-2ubuntu0.1~esm2apt_upgrade_esm
Fixed at 0.9.12-2ubuntu0.1~esm2 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard=0.9.12-2ubuntu0.1~esm2
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.
yard-doc→0.9.12-2ubuntu0.1~esm2apt_upgrade_esm
Fixed at 0.9.12-2ubuntu0.1~esm2 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard-doc=0.9.12-2ubuntu0.1~esm2
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.

Ubuntu focal

yard→0.9.24-1+deb11u1ubuntu0.1~esm1apt_upgrade_esm
Fixed at 0.9.24-1+deb11u1ubuntu0.1~esm1 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard=0.9.24-1+deb11u1ubuntu0.1~esm1
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.
yard→0.9.24-1+deb11u1ubuntu0.1~esm1apt_upgrade_esm
Fixed at 0.9.24-1+deb11u1ubuntu0.1~esm1 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard=0.9.24-1+deb11u1ubuntu0.1~esm1
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.
yard-doc→0.9.24-1+deb11u1ubuntu0.1~esm1apt_upgrade_esm
Fixed at 0.9.24-1+deb11u1ubuntu0.1~esm1 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard-doc=0.9.24-1+deb11u1ubuntu0.1~esm1
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.

Ubuntu jammy

yard→0.9.26-1ubuntu0.1+esm1apt_upgrade
Standard apt upgrade. Install 0.9.26-1ubuntu0.1+esm1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y yard
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
yard→0.9.26-1ubuntu0.1+esm1apt_upgrade
Standard apt upgrade. Install 0.9.26-1ubuntu0.1+esm1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y yard
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
yard-doc→0.9.26-1ubuntu0.1+esm1apt_upgrade
Standard apt upgrade. Install 0.9.26-1ubuntu0.1+esm1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y yard-doc
```
Most apt upgrades restart their service automatically. needrestart lists anything else.

Ubuntu noble

yard→0.9.36-1ubuntu0.1~esm1apt_upgrade_esm
Fixed at 0.9.36-1ubuntu0.1~esm1 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard=0.9.36-1ubuntu0.1~esm1
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.
yard→0.9.36-1ubuntu0.1~esm1apt_upgrade_esm
Fixed at 0.9.36-1ubuntu0.1~esm1 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard=0.9.36-1ubuntu0.1~esm1
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.
yard-doc→0.9.36-1ubuntu0.1~esm1apt_upgrade_esm
Fixed at 0.9.36-1ubuntu0.1~esm1 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard-doc=0.9.36-1ubuntu0.1~esm1
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.

Ubuntu resolute

yard→0.9.38-1ubuntu0.1~esm1apt_upgrade_esm
Fixed at 0.9.38-1ubuntu0.1~esm1 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard=0.9.38-1ubuntu0.1~esm1
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.
yard→0.9.38-1ubuntu0.1~esm1apt_upgrade_esm
Fixed at 0.9.38-1ubuntu0.1~esm1 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard=0.9.38-1ubuntu0.1~esm1
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.
yard-doc→0.9.38-1ubuntu0.1~esm1apt_upgrade_esm
Fixed at 0.9.38-1ubuntu0.1~esm1 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard-doc=0.9.38-1ubuntu0.1~esm1
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.

Ubuntu xenial

yard→0.8.7.6+git20160220-3ubuntu0.1~esm2apt_upgrade_esm
Fixed at 0.8.7.6+git20160220-3ubuntu0.1~esm2 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard=0.8.7.6+git20160220-3ubuntu0.1~esm2
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.
yard→0.8.7.6+git20160220-3ubuntu0.1~esm2apt_upgrade_esm
Fixed at 0.8.7.6+git20160220-3ubuntu0.1~esm2 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard=0.8.7.6+git20160220-3ubuntu0.1~esm2
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.
yard-doc→0.8.7.6+git20160220-3ubuntu0.1~esm2apt_upgrade_esm
Fixed at 0.8.7.6+git20160220-3ubuntu0.1~esm2 — ESM-only. Enable Ubuntu Pro (free for 5 personal machines) or treat as watch item.
```
sudo pro attach <token>
sudo apt-get update
sudo apt-get install --only-upgrade -y yard-doc=0.8.7.6+git20160220-3ubuntu0.1~esm2
```
Sign up at https://ubuntu.com/pro. Free for personal + small-team use.

Are YOU affected by USN-8394-1?

5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether USN-8394-1 (and any other live CVE) applies. Anonymous, no signup.

curl https://mindsparkstack.com/scan.sh | bash

Form-based quickscan Read the bash source first

Want this automated for your servers?

StackPatch runs this match against YOUR installed packages every hour

Free 1-server / $99 lifetime founder seat (50 only) / $19+/mo monthly. Indie pricing.

Buy lifetime →See StackPatch →Live audit log →