CVE-2026-55686 Podman: WORKDIR symlink traversal vulnerability

Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership on the host filesystem. Modified ownership is less likely to happen as that requires help from an...

EUVD-2026-39808

Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership on the host filesystem. Modified ownership is less likely to happen as that requires help from an...

CVE-2025-64437

KubeVirt is a virtual machine management add-on for Kubernetes. In versions before 1.5.3 and 1.6.1, the virt-handler does not verify whether the launcher-sock is a symlink or a regular file. This oversight can be exploited, for example, to change the ownership of arbitrary files on the host node ...

CVE-2025-64437

KubeVirt (virt-handler) vulnerability CVE-2025-64437 affects versions before 1.5.3 and 1.6.1. The issue is that virt-handler does not verify whether the launcher-sock is a symlink or a regular file, allowing an attacker who controls the virt-launcher pod’s filesystem to change ownership of arbitr...

PT-2025-45440

Name of the Vulnerable Software and Affected Versions KubeVirt versions prior to 1.5.3 KubeVirt versions prior to 1.6.1 Description KubeVirt, a virtual machine management add-on for Kubernetes, contains a flaw where the virt-handler does not validate if the launcher-sock is a symbolic link or a...