Skip to main content

Portainer CE CVE-2026-33590

| EUVDEUVD-2026-33007 HIGH
Incorrect Default Permissions (CWE-276)
2026-05-28 ENISA GHSA-frhv-529m-5v9v
8.5
CVSS 4.0 · Vendor: ENISA
Share

Severity by source

Vendor (ENISA) PRIMARY
8.5 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (ENISA) · only source for this CVE.

CVSS VectorVendor: ENISA

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
P
Scope
X

Lifecycle Timeline

4
Patch available
May 28, 2026 - 21:02 EUVD
Source Code Evidence Fetched
May 28, 2026 - 20:24 vuln.today
Analysis Generated
May 28, 2026 - 20:24 vuln.today
CVSS changed
May 28, 2026 - 20:22 NVD
8.5 (HIGH)

DescriptionCVE.org

Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent

access on the host.

AnalysisAI

Privilege escalation in Portainer Community Edition stems from permissive default endpoint security settings that grant non-admin users with endpoint access the ability to create containers with bind mounts, privileged mode, host namespaces, device mappings, sysctl settings, and Linux capabilities. An authenticated low-privilege user can leverage these defaults to read arbitrary host files or break out of the container boundary to achieve root-equivalent code execution on the Docker host. Publicly available exploit code exists per CVSS v4.0 threat metrics (E:P), but the issue is not listed in CISA KEV.

Technical ContextAI

Portainer CE is a popular open-source container management UI for Docker, Swarm, Kubernetes, and Nomad environments. The flaw is rooted in CWE-276 (Incorrect Default Permissions): when a new endpoint (Docker environment) is registered, Portainer's EndpointSecuritySettings struct was initialized with permissive flags - AllowBindMountsForRegularUsers, AllowPrivilegedModeForRegularUsers, AllowHostNamespaceForRegularUsers, AllowContainerCapabilitiesForRegularUsers, AllowDeviceMappingForRegularUsers, and AllowSysctlSettingForRegularUsers all set to true. Because Docker's bind-mount and --privileged primitives bridge the container/host boundary by design, granting these to non-admin users is functionally equivalent to handing them root on the host. The upstream fix introduces a single DefaultEndpointSecuritySettings() constructor that flips all of these to false, replacing the inline literals in api/datastore/datastore_test.go, api/http/handler/endpoints/endpoint_create.go, and api/internal/endpointutils/endpoint_setup.go.

RemediationAI

Upstream fix available (PR/commit); released patched version not independently confirmed - upgrade to a Portainer CE build that includes commits ac8fa7672e732b44b970c9eaf928eddd2c68796c and 3e2fdb1891e81a8e4c5c8beb60e45f07c8ecae52 (https://github.com/portainer/portainer/commit/ac8fa7672e732b44b970c9eaf928eddd2c68796c and https://github.com/portainer/portainer/commit/3e2fdb1891e81a8e4c5c8beb60e45f07c8ecae52), which introduce DefaultEndpointSecuritySettings() with all host-exposing toggles set to false. Until a tagged release can be deployed, administrators should manually harden every existing endpoint by opening Environments → Endpoint → Security and disabling AllowBindMountsForRegularUsers, AllowPrivilegedModeForRegularUsers, AllowHostNamespaceForRegularUsers, AllowContainerCapabilitiesForRegularUsers, AllowDeviceMappingForRegularUsers, AllowSysctlSettingForRegularUsers, AllowVolumeBrowserForRegularUsers, and EnableHostManagementFeatures - note that flipping these off will break any legitimate workflows where non-admin users were intentionally relying on bind mounts or privileged containers, so audit existing stacks first. Additionally, restrict endpoint and team membership so only trusted users hold any access, and review the hardening guidance at https://intwave.com/blog/2026/02/26/improving-portainer-security.html.

Share

CVE-2026-33590 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy