Skip to main content

Smb Volume Release

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-41013 HIGH PATCH This Week

Privilege escalation in Cloud Foundry smb-volume-release (prior to v3.60.0) and CF Deployment (prior to v56.0.0) lets a low-privileged CF space developer smuggle arbitrary CIFS mount options past the mount-option allowlist, gaining kernel-level mount control on shared Diego cells. The flaw maps to CWE-88 (argument injection) and carries CVSS 8.1 with low-privilege network exploitation; no public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Privilege Escalation Smb Volume Release Cf Deployment
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-41013
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Privilege escalation in Cloud Foundry smb-volume-release (prior to v3.60.0) and CF Deployment (prior to v56.0.0) lets a low-privileged CF space developer smuggle arbitrary CIFS mount options past the mount-option allowlist, gaining kernel-level mount control on shared Diego cells. The flaw maps to CWE-88 (argument injection) and carries CVSS 8.1 with low-privilege network exploitation; no public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Privilege Escalation Smb Volume Release Cf Deployment
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy