Lucene search
K

88 matches found

NVD
NVD
added 2026/06/26 4:16 p.m.9 views

CVE-2026-9640

A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...

7.2CVSS0.00342EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/06/26 3:50 p.m.45 views

CVE-2026-9640 LXD Snapshot Import Privilege Escalation Vulnerability

A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...

7.2CVSS0.00342EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/06/26 3:50 p.m.6 views

CVE-2026-9640

A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...

7.2CVSS5.8AI score0.00342EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/06/26 3:50 p.m.6 views

EUVD-2026-39794

A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...

7.2CVSS5.8AI score0.00342EPSS
Exploits1References4
CVE
CVE
added 2026/06/26 3:50 p.m.25 views

CVE-2026-9640

CVE-2026-9640 concerns LXD versions 6.0–6.9, 5.21.0–5.21.5, and 5.0.0–5.0.7. It describes a privilege escalation where an authenticated project operator in a restricted multi-tenant environment can bypass project-restriction policies during snapshot restoration by importing a malicious instance b...

7.2CVSS5.8AI score0.00342EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/06/26 3:50 p.m.3 views

CVE-2026-9640 LXD Snapshot Import Privilege Escalation Vulnerability

A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...

7.2CVSS6AI score0.00342EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/06/26 3:9 p.m.9 views

CVE-2026-41567

A flaw was found in Moby, the open-source container framework, and Docker Engine. A malicious container image can exploit this vulnerability to achieve arbitrary code execution with full daemon privileges, including host root access. This occurs when a user uploads a compressed archive to the...

7.5CVSS6.4AI score0.00153EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.9 views

PT-2026-52844

Name of the Vulnerable Software and Affected Versions LXD versions 6.0 through 6.8 LXD versions 5.21.0 through 5.21.4 LXD versions 5.0.0 through 5.0.6 Description An issue exists in the handling of project-restriction policies during snapshot restoration. An authenticated project operator in a...

7.2CVSS5.8AI score0.00342EPSS
Exploits1References8
OSV
OSV
added 2026/06/25 10:34 p.m.5 views

GO-2026-5758 containerd CRI — image-config `LABEL` flows to restart-monitor `binary://` logger: host-root command execution from an image pull in github.com/containerd/containerd

containerd CRI — image-config LABEL flows to restart-monitor binary:// logger: host-root command execution from an image pull in github.com/containerd/containerd...

9.4CVSS6AI score0.00203EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.19 views

PT-2026-50746

Name of the Vulnerable Software and Affected Versions Docker MCP Plugin affected versions not specified Description A flaw in the OCI image label parsing allows an attacker to inject arbitrary arguments into the docker run command line. This occurs because the io.docker.server.metadata label is...

8.7CVSS6.3AI score
Exploits0References5
OSV
OSV
added 2026/06/16 11:55 p.m.9 views

GO-2026-5042 Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs in github.com/kata-containers/kata-containers

Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs in github.com/kata-containers/kata-containers...

5.3AI score0.00067EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/06/10 6:41 p.m.92 views

CVE-2023-2640-CVE-2023-32629-Interactive-PoC

CVE-2023-2640 & CVE-2023-32629 GameOverLay - Real Host Root...

7.8CVSS7.2AI score0.15783EPSS
Exploits14
SUSE CVE
SUSE CVE
added 2026/06/06 2:48 a.m.9 views

SUSE CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.2CVSS6.2AI score0.00153EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/05/30 2:12 a.m.11 views

CVE-2026-44543

Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by...

8.7CVSS5.8AI score0.00368EPSS
Exploits0References1
CVE
CVE
added 2026/05/28 4:41 p.m.38 views

CVE-2026-44543

Local Path Provisioner (rancher/local-path-provisioner) is affected. Before version 0.0.36, a user with edit rights on the local-path-config ConfigMap can inject a malicious helperPod.yaml into the template used to create HelperPods during PVC provisioning/cleanup. The attacker-controlled templat...

8.7CVSS5.8AI score0.00368EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/27 10:50 p.m.21 views

GHSA-2GV2-CFFP-J227 Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs

Summary In the runtime-rs standalone virtio-fs path, verified here with QEMU and verified with Cloud Hypervisor too, Kata Containers runs host virtiofsd as root with: --sandbox none --seccomp none If an attacker has root-equivalent execution inside the Kata guest VM, they can send raw FUSE reques...

9.3CVSS6AI score0.00067EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/27 10:50 p.m.18 views

Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs

Summary In the runtime-rs standalone virtio-fs path, verified here with QEMU and verified with Cloud Hypervisor too, Kata Containers runs host virtiofsd as root with: --sandbox none --seccomp none If an attacker has root-equivalent execution inside the Kata guest VM, they can send raw FUSE reques...

6AI score0.00067EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/18 5:47 p.m.24 views

Docker: `PUT /containers/{id}/archive` executes container binary on the host

Summary When a user uploads a compressed archive into a container, a malicious image can execute arbitrary code with daemon host root privileges. Details When handling PUT /containers/id/archive requests with compressed archives, the daemon decompresses them using external system binaries. Due to...

7.5CVSS6.4AI score0.00153EPSS
Exploits0References3Affected Software3
OSV
OSV
added 2026/05/18 5:47 p.m.16 views

GHSA-X86F-5XW2-FM2R Docker: `PUT /containers/{id}/archive` executes container binary on the host

Summary When a user uploads a compressed archive into a container, a malicious image can execute arbitrary code with daemon host root privileges. Details When handling PUT /containers/id/archive requests with compressed archives, the daemon decompresses them using external system binaries. Due to...

7.2CVSS6.4AI score0.00153EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.16 views

PT-2026-41765

Name of the Vulnerable Software and Affected Versions Docker affected versions not specified Description When handling 'PUT /containers/id/archive' requests with compressed archives, the daemon decompresses them using external system binaries. Due to incorrect operation ordering, these binaries a...

7.5CVSS6.3AI score0.00153EPSS
Exploits0References52
Rows per page
Query Builder