Skip to main content

Podman CVE-2026-57231

| EUVDEUVD-2026-39807 HIGH
Information Exposure (CWE-200)
2026-06-26 GitHub_M
7.5
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
6.5 MEDIUM

Exploitation requires the victim to run an attacker-supplied image (UI:R); no privileges needed (PR:N), high confidentiality loss of session secrets, no integrity or availability impact.

3.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
SUSE
HIGH
qualitative

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

3
Patch available
Jun 26, 2026 - 18:02 EUVD
Source Code Evidence Fetched
Jun 26, 2026 - 17:22 vuln.today
Analysis Generated
Jun 26, 2026 - 17:22 vuln.today

DescriptionCVE.org

Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a container image that contains a environment variable with just a key and no value can trick podman into passing that variable from the host into the container. This is made worse by the fact that using an asterisk (*) will cause podman to pass all host variables into the container. So essentially a malicious image can exfiltrate all podman environment variables that are set in the session from where the container is launched. This vulnerability is fixed in 5.8.4 and 6.0.0.

AnalysisAI

Information disclosure in Podman (1.8.1 through 5.8.3) lets a malicious OCI container image leak host environment variables into the container by embedding an image env entry with a key but no value; an asterisk (*) entry causes Podman to forward ALL host session variables. Because the launching session frequently holds secrets (registry credentials, API tokens, proxy auth), a crafted image run by a victim can harvest them. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Publish malicious image with '*' env entry
Delivery
Victim pulls and runs image on vulnerable Podman
Exploit
Podman imports host session variables into container
Execution
Entrypoint reads leaked secrets from env
Impact
Exfiltrate credentials to attacker

Vulnerability AssessmentAI

Exploitation Requires the victim to run an attacker-crafted OCI image whose config.Env contains a malformed entry - specifically a bare key with no '=' (e.g. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The published CVSS 3.1 base score is 7.5 (AV:N/AC:L/PR:N/UI:N/C:H/I:N/A:N), reflecting high confidentiality impact with no integrity/availability effect. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker publishes a container image whose config Env list includes an entry like 'HOST*' or '*'. A developer or CI pipeline that has secrets exported in its shell (e.g. …
Remediation Vendor-released patch: upgrade Podman to 5.8.4 (5.x branch) or 6.0.0, which add ParseImageEnvs() validation that rejects image env entries lacking an '=' or with an empty key. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all systems running Podman versions 1.8.1-5.8.3 and document current container image sources and execution practices. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Important
Product Status
SUSE Linux Enterprise High Performance Computing 15 SP7 Affected
SUSE Linux Enterprise Micro 5.3 Affected
SUSE Linux Enterprise Micro 5.4 Affected
SUSE Linux Enterprise Micro 5.5 Affected
SUSE Linux Enterprise Module for Containers 15 SP7 Affected

Share

CVE-2026-57231 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy