Overleaf compilation deactivated temporarily

Thursday, April 30, 2026

The copy fail security vulnerability CVE 2026-31431 is the topic of the day in the it world and affects basically any linux system since 2017. The vulnerability allows for a local privilege escalation and allows attackers, who can already execute local code, to obtain system privileges.

To make Overleaf work with all packages, we have to allow users to run all kinds of code. To this end we run the Overleaf compilation process in a secured sandbox environment. However, the copy fail vulnerability could currently allow malicious actors to escape this sandbox.

This is why we have now disabled the compilation in overleaf. You can still edit your files and download them, but the compilation process fails. Sadly we can not give a nicer error message.

We expect a kernel fix shortly and will re-enable the compilation process by then.

←Previous
Next→