Lucene search
K

299 matches found

NVD
NVD
added 5 days ago9 views

CVE-2026-55761

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. In versions 2.39.0 through 2.39.3 and 2.40.0 until 2.43.0, unauthenticated restore and administrator initialization...

7.1CVSS0.00272EPSS
Exploits1References6
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-55761 Portainer: Unauthenticated Restore Endpoint Allows Admin Takeover on Uninitialised Portainer Instances

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. In versions 2.39.0 through 2.39.3 and 2.40.0 until 2.43.0, unauthenticated restore and administrator initialization...

7.1CVSS0.00272EPSS
Exploits1References6
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-42297

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. In versions 2.39.0 through 2.39.3 and 2.40.0 until 2.43.0, unauthenticated restore and administrator initialization...

7.1CVSS5.9AI score0.00272EPSS
Exploits1References6
CVE
CVE
added 5 days ago9 views

CVE-2026-55761

Portainer Community Edition contains a vulnerability where, in versions 2.39.0–2.39.3 and 2.40.0–2.43.0, unauthenticated restore and administrator initialization endpoints (/api/restore and /api/users/admin/init) remain accessible during the five-minute setup window for uninitialized instances. A...

7.1CVSS5.9AI score0.00272EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.19 views

PT-2026-50251

Name of the Vulnerable Software and Affected Versions Trivy versions prior to 0.71.1 Description Trivy improperly trusts the org.opencontainers.image.title annotation in an OCI artifact manifest, using it as the destination filename when downloading content without proper validation or...

7.5CVSS5.9AI score0.00292EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.12 views

CVE-2026-44885

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, Portainer's backup restore feature accepts a .tar.gz archive and extracts it to a target...

5.5CVSS5.6AI score0.00606EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.10 views

CVE-2026-44884

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8 and 2.39.1, a missing authorization vulnerability in the Custom Template file endpoint GET...

6.5CVSS5.4AI score0.00257EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.12 views

CVE-2026-44850

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer offers an environment-level Disable bind mounts for...

8.5CVSS5.5AI score0.00206EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.14 views

CVE-2026-44849

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

9.4CVSS5.5AI score0.00347EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.10 views

CVE-2026-44881

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer supports deploying stacks from Git repositories. When a...

9.9CVSS5.6AI score0.00416EPSS
Exploits2References1
Redos
Redos
added 2026/06/05 12:0 a.m.10 views

ROS-20260605-73-0024

The vulnerability in Portainer-Ce is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

9.4CVSS5.5AI score0.00347EPSS
Exploits1
Redos
Redos
added 2026/06/05 12:0 a.m.8 views

ROS-20260605-73-0023

The vulnerability in Portainer-Ce is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

9.4CVSS5.5AI score0.00328EPSS
Exploits1
Redos
Redos
added 2026/06/05 12:0 a.m.9 views

ROS-20260605-73-0022

The vulnerability in Portainer-Ce is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

8.5CVSS5.5AI score0.00206EPSS
Exploits1
Redos
Redos
added 2026/06/05 12:0 a.m.11 views

ROS-20260605-73-0020

The vulnerability in Portainer-Ce relates to the disclosure of information through query strings. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.7CVSS5.4AI score0.00316EPSS
Exploits1
Redos
Redos
added 2026/06/05 12:0 a.m.8 views

ROS-20260605-73-0021

The vulnerability in Portainer-Ce is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

9.9CVSS5.4AI score0.00416EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.14 views

CVE-2026-44883

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer's authentication middleware accepts JWT bearer tokens passed...

7.7CVSS5.8AI score0.00316EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/01 10:3 p.m.16 views

CVE-2026-44848

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, The Docker plugin management endpoints /plugins/ were not registered...

9.4CVSS5.7AI score0.00328EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/30 8:13 a.m.14 views

CVE-2026-44882

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33., Portainer proxies requests to Kubernetes clusters through a middleware layer...

8.1CVSS5.9AI score0.00335EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/29 8:13 p.m.11 views

CVE-2026-33590

Insecure default settings of Portainer CE grant regular non-admin users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent access on the...

9.4CVSS5.9AI score0.00452EPSS
Exploits0References1
Redos
Redos
added 2026/05/29 12:0 a.m.21 views

ROS-20260529-73-0009

The vulnerability in Portainer-Ce is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

6.5CVSS5.8AI score0.00257EPSS
Exploits1
Rows per page
Query Builder