What is the CVSS score of CVE-2026-49238?

CVE-2026-49238 has a CVSS 3.1 base score of 8.4 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N.

Which versions of Canonical Multipass are affected by CVE-2026-49238?

Canonical Multipass versions before 1.16.3 contain a virtual machine escape vulnerability (CVSS 8.4) that allows root-privileged users within guest VMs to access arbitrary files on the host system,…. A patch is available.

Canonical Multipass CVE-2026-49238

EUVD-2026-32899 HIGH

Path Traversal (CWE-22)

2026-05-28 security@ubuntu.com

Path Traversal Canonical

8.4

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Patch available

May 28, 2026 - 15:01 EUVD

Analysis Generated

May 28, 2026 - 14:30 vuln.today

DescriptionNVD

An issue was discovered in Canonical Multipass before version 1.16.3. The host-side SFTP server component (sshfs_server), which executes with root privileges on the host, contains a path containment bypass vulnerability within its validate_path function in src/sshfs_mount/sftp_server.cpp. The function performs a plain string prefix comparison on requested paths without path separator validation or dot-dot (..) normalization. A local attacker with root privileges inside a guest virtual machine can bypass the FUSE layer by injecting raw SFTP frames (such as an SSH_FXP_OPEN request) directly into the sshfs_server process stdin/stdout pipes via procfs. By supplying a path containing directory traversal sequences that match the allowed mount prefix, the attacker can force the host-side root process to resolve the traversal and open files outside the designated mount boundary. This allows a guest-side user to read arbitrary files on the host filesystem, resulting in a virtual machine escape.

AnalysisAI

Virtual machine escape in Canonical Multipass before 1.16.3 allows a root user inside a guest VM to read arbitrary files on the host filesystem by bypassing the host-side sshfs_server path containment. The flaw lives in the validate_path function (CWE-22 path traversal), which uses naive string prefix matching and accepts dot-dot sequences. …

RemediationAI

Within 24 hours: Inventory all systems running Canonical Multipass and document version numbers (vulnerable if <1.16.3). Within 7 days: Restrict root account usage and privilege escalation within guest VMs, implement network-layer isolation for Multipass hosts, and disable SSH key-based host access where possible. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-49237 HIGH This Week

7.8 May 28

Local privilege escalation in Canonical Multipass for macOS before 1.16.3 allows a low-privileged local user to obtain r

CVE-2026-42790 HIGH This Week

7.6 May 27

TLS server impersonation in Erlang/OTP's public_key library lets a name-constrained subordinate CA forge a trusted ident

CVE-2026-42462 HIGH This Week

7.0 May 26

Here is the multi-source synthesis for CVE-2026-42462: ```json { "product_name": "Fedify", "summary": "Linked Data

CVE-2026-47674 MEDIUM This Month

5.3 May 28

IP restriction bypass in Hono's ip-restriction middleware (hono/ip-restriction) prior to version 4.12.21 allows unauthen

CVE-2026-45842 Monitor

May 27

In the Linux kernel, the following vulnerability has been resolved: slip: reject VJ receive packets on instances with n

CVE-2026-49238 vulnerability details – vuln.today

Back