Product

Containerd V2.2.0-2.2.4

1 brief RSS

Arbitrary Host File Read via Symlink Following in containerd CRI Checkpoint Restore (CVE-2026-53489)

A high-severity vulnerability (CVE-2026-53489) in containerd's CRI plugin allows an unprivileged attacker to read arbitrary files on the host system by crafting a malicious checkpoint with a symlink that `containerd` follows during `container.log` restoration, enabling data exfiltration via `kubectl logs`.

containerd v2.1.0-2.1.8 +2 container kubernetes vulnerability data-exfiltration linux

3r 2t 1d ago