
Containerd

10 CVEs product

Monthly

CVE-2026-53488 Go CRITICAL PATCH GHSA Act Now

Host command execution in containerd's CRI plugin arises because labels from an image config (Dockerfile LABEL instruction) are propagated to the created container without validation; when a downstream plugin consumes those labels for operations (notably the restart-monitor's binary:// logger path), an attacker-controlled label value becomes an arbitrary command executed with host-root privileges. Affected releases are all containerd versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5, and 2.3.2, meaning any environment that pulls and runs an untrusted image on a node using a label-consuming plugin is exposed to full container-to-host escape. No public exploit was identified at the time of analysis, and the issue is not listed in CISA KEV, so this is a high-severity, responsibly disclosed flaw rather than one with confirmed active exploitation.

Information Disclosure Containerd
NVD VulDB GitHub
CVSS 4.0: 9.4
EPSS: 0.2%
CVE-2026-53489 Go HIGH PATCH GHSA This Week

Arbitrary host file disclosure in containerd's CRI plugin lets an attacker read any file on the Kubernetes node via `kubectl logs` because the plugin restores `container.log` from a checkpoint image while blindly following a symlinked path. All containerd 2.x branches before 2.1.9, 2.2.5, and 2.3.2 are affected wherever container checkpoint/restore (CRIU-based) is used. No public exploit was identified at the time of analysis and the issue is not in CISA KEV, but the flaw was independently reported by numerous researchers and a vendor patch is available.

Information Disclosure Containerd Checkpoint
NVD VulDB GitHub
CVSS 4.0: 8.2
EPSS: 0.2%
CVE-2026-47262 Go MEDIUM PATCH GHSA This Month

Memory exhaustion via a maliciously crafted container image in containerd causes an OOM kill of the containerd process, rendering the container runtime API unavailable and disrupting orchestration layers including Docker Engine and Kubernetes control-plane components. CVE-2026-47262 is rated Moderate by the containerd project, lower than the four co-patched Critical/High CVEs, and is fixed across the full active supported release tree in versions 2.3.2, 2.2.5, 2.1.9, 2.0.10, and 1.7.33. No public exploit code has been identified, and this vulnerability is not listed in the CISA KEV catalog at the time of analysis.

Denial Of Service Docker Kubernetes Containerd
NVD VulDB GitHub
CVSS 4.0: 5.3
EPSS: 0.5%
CVE-2026-50195 Go MEDIUM PATCH GHSA This Month

Checkpoint image poisoning in containerd's CRI implementation allows an attacker with pod-creation permissions to corrupt the node-local image cache, causing victim pods to silently execute malicious images in place of legitimate ones. The root cause is missing validation of image references embedded in checkpoint image configurations: containerd trusts attacker-controlled strings in the checkpoint archive to drive image pulls and local tag assignment. Subsequent pods using an IfNotPresent or Never pull policy then inherit the poisoned tag and execute arbitrary code under the victim pod's Kubernetes identity. No active exploitation has been confirmed (not in CISA KEV), and no public exploit code has been identified at the time of analysis; vendor-released patches are available.

RCE Containerd Checkpoint
NVD VulDB GitHub
CVSS 4.0: 5.6
EPSS: 0.3%
CVE-2026-53492 Go HIGH PATCH GHSA This Week

Kubernetes device-plugin and resource-allocation enforcement can be bypassed in containerd by a namespace user holding pod-creation rights who restores a container from a maliciously crafted checkpoint image. The CRI restore path trusts Container Device Interface (CDI) annotations embedded in untrusted checkpoint metadata instead of the pod's create-time spec, letting the attacker smuggle arbitrary CDI edits (host device nodes and mounts) into the restored container. It affects containerd v2.1.0-2.1.8, v2.2.0-2.2.4 and v2.3.0-2.3.1; no public exploit was identified at the time of analysis, and the issue is not listed in CISA KEV.

Information Disclosure Kubernetes Containerd Checkpoint
NVD VulDB GitHub
CVSS 4.0: 8.4
EPSS: 0.5%
CVE-2025-64329 Go MEDIUM PATCH This Month

containerd is an open-source container runtime. Rated medium severity (CVSS 6.9), this vulnerability requires no authentication and has low attack complexity. This memory leak vulnerability could allow attackers to exhaust available memory, leading to denial of service.

Information Disclosure Red Hat Suse Containerd
NVD GitHub
CVSS 4.0: 6.9
EPSS: 0.0%
CVE-2024-25621 Go HIGH PATCH This Month

containerd is an open-source container runtime. Rated high severity (CVSS 7.3), this vulnerability has low attack complexity.

Information Disclosure Red Hat Suse Containerd
NVD GitHub
CVSS 3.1: 7.3
EPSS: 0.0%
CVE-2025-47291 Go MEDIUM PATCH Monitor

containerd is an open-source container runtime. Rated medium severity (CVSS 4.6), this vulnerability requires no authentication and has low attack complexity. No vendor patch is available.

Denial Of Service Kubernetes Red Hat Suse Containerd
NVD GitHub
CVSS 4.0: 4.6
EPSS: 0.3%
CVE-2025-47290 Go HIGH PATCH This Month

containerd is a container runtime. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, requires no authentication and has low attack complexity.

Information Disclosure Red Hat Suse Containerd
NVD GitHub
CVSS 4.0: 7.6
EPSS: 0.1%
CVE-2024-40635 Go MEDIUM PATCH This Month

containerd is an open-source container runtime. Rated medium severity (CVSS 4.6), this vulnerability has low attack complexity. This integer overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Red Hat Debian Linux Suse +1
NVD GitHub
CVSS 3.1: 4.6
EPSS: 0.0%