CVE-2026-44917

🗓️ 04 Jun 2026 00:00:00Reported by mitreType

Authenticated project admin can read local files on the OpenStack Ironic conductor via a pxe_template.

Reporter	Title	Published	Views	Family All 16
ATTACKERKB	CVE-2026-44917	4 Jun 202600:00	–	attackerkb
Circl	CVE-2026-44917	4 Jun 202607:14	–	circl
CVE	CVE-2026-44917	4 Jun 202600:00	–	cve
Debian	[SECURITY] [DSA 6341-1] ironic security update	11 Jun 202618:49	–	debian
Debian CVE	CVE-2026-44917	4 Jun 202600:00	–	debiancve
Tenable Nessus	Debian dsa-6341 : ironic-api - security update	11 Jun 202600:00	–	nessus
Tenable Nessus	Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Ironic vulnerabilities (USN-8421-1)	12 Jun 202600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2026-44917	3 Jun 202600:00	–	nessus
EUVD	EUVD-2026-34202	4 Jun 202600:00	–	euvd
NVD	CVE-2026-44917	4 Jun 202604:17	–	nvd

[
  {
    "defaultStatus": "unaffected",
    "product": "Ironic",
    "vendor": "OpenStack",
    "versions": [
      {
        "lessThan": "26.1.7",
        "status": "affected",
        "version": "17.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "29.0.6",
        "status": "affected",
        "version": "27.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "32.0.2",
        "status": "affected",
        "version": "30.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "35.0.2",
        "status": "affected",
        "version": "33.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
bugs	www.bugs.launchpad.net/ironic/+bug/2148319
openwall	www.openwall.com/lists/oss-security/2026/06/03/13

04 Jun 2026 03:36Current

CVSS 3.14.9

EPSS0.00033

CWE-669