Skip to main content

containerd CVE-2026-46680

| EUVDEUVD-2026-41103 HIGH
Access of Resource Using Incompatible Type (Type Confusion) (CWE-843)
2026-05-21 https://github.com/containerd/containerd GHSA-fqw6-gf59-qr4w
7.3
CVSS 4.0 · Vendor: https://github.com/containerd/containerd
Share

Severity by source

Vendor (https://github.com/containerd/containerd) PRIMARY
7.3 HIGH
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
SUSE
7.0 HIGH
AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from Vendor (https://github.com/containerd/containerd).

CVSS VectorVendor: https://github.com/containerd/containerd

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

3
CVSS changed
Jul 01, 2026 - 18:22 NVD
7.3 (HIGH)
Source Code Evidence Fetched
May 21, 2026 - 22:32 vuln.today
Analysis Generated
May 21, 2026 - 22:32 vuln.today

DescriptionCVE.org

Impact

A bug was found in containerd where containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username. If a crafted image provides an /etc/passwd file mapping this large numeric string to root, the container ultimately runs as root (UID 0). This allows the Kubernetes runAsNonRoot restriction to be bypassed, causing unexpected behavior for environments that require containers to run as a non-root user.

Patches

This bug has been fixed in the following containerd versions:

  • 2.3.1
  • 2.2.4
  • 2.0.9
  • 1.7.32

Note: The containerd 2.1 release has reached its end of life and a fixed version is not provided.

Users should update to these versions to resolve the issue.

Workarounds

Ensure that only trusted images are used and that only trusted users have permissions to import images. Alternatively, enforcing a specific numeric runAsUser in the Kubernetes Pod securityContext overrides the USER directive in the image and prevents the bypass. Newer versions of Kubernetes, starting with 1.34, also appear to enforce runAsNonRoot properly regardless of this bug.

Credits

The containerd project would like to thank Lei Wang (@ssst0n3) for responsibly disclosing this issue in accordance with the containerd security policy.

Resources

  • https://github.com/advisories/GHSA-265r-hfxg-fhmg (CVE-2024-40635)

For more information

If there are any questions or comments about this advisory:

  • Open an issue in containerd
  • Send an email to [security@containerd.io](mailto:security@containerd.io)

To report a security issue in containerd:

AnalysisAI

runAsNonRoot bypass in containerd allows crafted container images to execute as UID 0 despite Kubernetes security policies designed to prevent root execution. The flaw stems from containerd treating numeric USER directives that overflow a 32-bit integer as usernames, and if the image's /etc/passwd maps that string to root, the container runs as root. No public exploit identified at time of analysis, but the issue was responsibly disclosed by Lei Wang (@ssst0n3) and fixed in multiple containerd release branches.

Technical ContextAI

containerd is the CNCF graduated container runtime that underpins Docker, Kubernetes (via CRI), and many managed Kubernetes services. The bug sits in containerd's user resolution logic for OCI image USER directives: when the value is numeric, containerd attempts to parse it as a 32-bit integer UID, and on parse failure (because the number exceeds int32 range) it falls back to treating the string as a username and looks it up in the image's /etc/passwd. This maps to CWE-843 (Type Confusion / Access of Resource Using Incompatible Type) because the same input is interpreted as two different types - numeric UID vs. username - depending on parse success. The affected packages per CPE data are go/github.com/containerd/containerd (v1.x) and go/github.com/containerd/containerd/v2 (v2.x), and the issue is closely related to the previously disclosed CVE-2024-40635 (GHSA-265r-hfxg-fhmg), suggesting incomplete remediation of the earlier user-parsing bug.

RemediationAI

Vendor-released patch: upgrade to containerd 2.3.1, 2.2.4, 2.0.9, or 1.7.32 depending on your release branch, as documented in the upstream advisory at https://github.com/containerd/containerd/security/advisories/GHSA-fqw6-gf59-qr4w. Users on the end-of-life 2.1.x line must migrate to a supported branch since no fix will be backported. As a workaround until patching, restrict image sources so only trusted registries and users can push or import images, and in Kubernetes set an explicit numeric runAsUser in each Pod's securityContext - this overrides the image USER directive and neutralizes the bypass at the cost of having to manage UID assignments per workload. Upgrading the Kubernetes control plane to 1.34 or later also reportedly enforces runAsNonRoot correctly regardless of the runtime bug, though this requires a cluster-level upgrade with its own compatibility considerations.

CVE-2025-1974 CRITICAL POC
9.8 Mar 25

A critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access

CVE-2026-45321 CRITICAL POC
9.6 May 12

Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio

CVE-2025-1098 HIGH POC
8.8 Mar 25

Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress

CVE-2025-24514 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingres

CVE-2025-1097 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-c

CVE-2020-8554 MEDIUM POC
6.3 Jan 21

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.exter

CVE-2025-55190 CRITICAL POC
9.9 Sep 04

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.9), this vulne

CVE-2018-18843 CRITICAL POC
10.0 Dec 04

The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4

CVE-2026-22039 CRITICAL POC
9.9 Jan 27

Kyverno Kubernetes policy engine prior to 1.x has a privilege escalation vulnerability (CVSS 9.9) allowing policy bypass

CVE-2024-42480 CRITICAL POC
9.9 Aug 12

Kamaji is the Hosted Control Plane Manager for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is rem

CVE-2023-28110 CRITICAL POC
9.9 Mar 16

Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, ref

CVE-2026-25996 CRITICAL POC
9.8 Feb 12

String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter

Vendor StatusVendor

SUSE

Severity: Important
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Affected
SUSE Linux Enterprise High Performance Computing 12 Affected
SUSE Linux Enterprise High Performance Computing 15 SP7 Affected
SUSE Linux Enterprise High Performance Computing 15 SP7 Affected
SUSE Linux Enterprise Micro 5.3 Affected

Share

CVE-2026-46680 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy