CVE-2026-7374 (GCVE-0-2026-7374)
Vulnerability from cvelistv5 – Published: 2026-05-26 13:14 – Updated: 2026-06-30 12:10
Title
Kubevirt: kubevirt virt-handler: privilege escalation and node compromise via symlink following vulnerability
Summary
A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host's container runtime (CRI-O) socket, an attacker can hijack virt-handler's privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.
Severity
9.9 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
redhat
References
13 references
Impacted products
20 products
| Vendor | Product | Version | CPE |
|---|---|---|---|
| Red Hat | Red Hat Container Native Virtualization 4.12 | Unaffected: 1779375376, < * (rpm) | cpe:/a:redhat:container_native_virtualization:4.12::el8 |
| Red Hat | Red Hat Container Native Virtualization 4.13 | Unaffected: 1778999881, < * (rpm) | cpe:/a:redhat:container_native_virtualization:4.13::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.14 | Unaffected: 1779321599, < * (rpm) | cpe:/a:redhat:container_native_virtualization:4.14::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.15 | Unaffected: 1778859977, < * (rpm) | cpe:/a:redhat:container_native_virtualization:4.15::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.16 | Unaffected: 1778861274, < * (rpm) | cpe:/a:redhat:container_native_virtualization:4.16::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.17 | Unaffected: 1779174925, < * (rpm) | cpe:/a:redhat:container_native_virtualization:4.17::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.18 | Unaffected: 1778887155, < * (rpm) | cpe:/a:redhat:container_native_virtualization:4.18::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.19 | Unaffected: 1779289071, < * (rpm) | cpe:/a:redhat:container_native_virtualization:4.19::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.20 | Unaffected: 1779288737, < * (rpm) | cpe:/a:redhat:container_native_virtualization:4.20::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.21 | Unaffected: 1779420069, < * (rpm) | cpe:/a:redhat:container_native_virtualization:4.21::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.12 | | cpe:/a:redhat:container_native_virtualization:4.12::el8 |
| Red Hat | Red Hat Container Native Virtualization 4.13 | | cpe:/a:redhat:container_native_virtualization:4.13::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.14 | | cpe:/a:redhat:container_native_virtualization:4.14::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.15 | | cpe:/a:redhat:container_native_virtualization:4.15::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.16 | | cpe:/a:redhat:container_native_virtualization:4.16::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.17 | | cpe:/a:redhat:container_native_virtualization:4.17::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.18 | | cpe:/a:redhat:container_native_virtualization:4.18::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.19 | | cpe:/a:redhat:container_native_virtualization:4.19::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.20 | | cpe:/a:redhat:container_native_virtualization:4.20::el9 |
| Red Hat | Red Hat Container Native Virtualization 4.21 | | cpe:/a:redhat:container_native_virtualization:4.21::el9 |
Date Public
2026-05-26 12:30
Credits
This issue was discovered by Sarah Bennert (Red Hat) and Stoyan Nikolov (Red Hat).
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7374",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:39.340Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.12::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Container Native Virtualization 4.12",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.13::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Container Native Virtualization 4.13",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.14::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Container Native Virtualization 4.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.15::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Container Native Virtualization 4.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.16::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Container Native Virtualization 4.16",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.17::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Container Native Virtualization 4.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.18::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Container Native Virtualization 4.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.19::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Container Native Virtualization 4.19",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.20::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Container Native Virtualization 4.20",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.21::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Container Native Virtualization 4.21",
"vendor": "Red Hat"
}
],
"datePublic": "2026-05-26T12:30:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in KubeVirt\u0027s virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host\u0027s container runtime (CRI-O) socket, an attacker can hijack virt-handler\u0027s privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T12:10:58.219Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-7374"
},
{
"name": "RHBZ#2463728",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463728"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-7374.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20825"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20886"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20890"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20866"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20975"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20763"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20736"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20767"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20782"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20720"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:20825: Red Hat Container Native Virtualization 4.12"
},
{
"lang": "en",
"value": "RHSA-2026:20886: Red Hat Container Native Virtualization 4.13"
},
{
"lang": "en",
"value": "RHSA-2026:20890: Red Hat Container Native Virtualization 4.14"
},
{
"lang": "en",
"value": "RHSA-2026:20866: Red Hat Container Native Virtualization 4.15"
},
{
"lang": "en",
"value": "RHSA-2026:20975: Red Hat Container Native Virtualization 4.16"
},
{
"lang": "en",
"value": "RHSA-2026:20763: Red Hat Container Native Virtualization 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:20736: Red Hat Container Native Virtualization 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:20767: Red Hat Container Native Virtualization 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:20782: Red Hat Container Native Virtualization 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:20720: Red Hat Container Native Virtualization 4.21"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-22T07:20:25.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-26T12:30:00.000Z",
"value": "Made public."
}
],
"title": "kubevirt: KubeVirt virt-handler: Privilege escalation and node compromise via symlink following vulnerability",
"workarounds": [
{
"lang": "en",
"value": "Update cluster RBAC to not allow exec into virt-launcher pods."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.12::el8"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler",
"product": "Red Hat Container Native Virtualization 4.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779375376",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.13::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778999881",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779321599",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778859977",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778861274",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779174925",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778887155",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779289071",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779288737",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.21::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779420069",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Sarah Bennert (Red Hat) and Stoyan Nikolov (Red Hat)."
}
],
"datePublic": "2026-05-26T12:30:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in KubeVirt\u0027s virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host\u0027s container runtime (CRI-O) socket, an attacker can hijack virt-handler\u0027s privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T18:55:34.630Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2026:20720",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20720"
},
{
"name": "RHSA-2026:20736",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20736"
},
{
"name": "RHSA-2026:20763",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20763"
},
{
"name": "RHSA-2026:20767",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20767"
},
{
"name": "RHSA-2026:20782",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20782"
},
{
"name": "RHSA-2026:20825",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20825"
},
{
"name": "RHSA-2026:20866",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20866"
},
{
"name": "RHSA-2026:20886",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20886"
},
{
"name": "RHSA-2026:20890",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20890"
},
{
"name": "RHSA-2026:20975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20975"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-7374"
},
{
"name": "RHBZ#2463728",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463728"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-22T07:20:25.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-26T12:30:00.000Z",
"value": "Made public."
}
],
"title": "Kubevirt: kubevirt virt-handler: privilege escalation and node compromise via symlink following vulnerability",
"workarounds": [
{
"lang": "en",
"value": "Update cluster RBAC to not allow exec into virt-launcher pods."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2026-7374",
"datePublished": "2026-05-26T13:14:53.851Z",
"dateReserved": "2026-04-29T06:46:44.106Z",
"dateUpdated": "2026-06-30T12:10:58.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-7374",
"date": "2026-07-01",
"epss": "0.00596",
"percentile": "0.44091"
}
}
}
This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host\u0027s container runtime (CRI-O) socket, an attacker can hijack virt-handler\u0027s privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-59\", \"description\": \"Improper Link Resolution Before File Access (\u0027Link Following\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-06-30T03:18:31.063Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-7374\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-26T13:37:35.060833Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-26T13:37:38.502Z\"}}], \"cna\": {\"title\": \"Kubevirt: kubevirt virt-handler: privilege escalation and node compromise via symlink following vulnerability\", \"credits\": [{\"lang\": \"en\", \"value\": \"This issue was discovered by Sarah Bennert (Red Hat) and Stoyan Nikolov (Red Hat).\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 9.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": 
\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.12::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.12\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1779375376\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.13\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1778999881\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.14\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1779321599\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.15\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1778859977\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": 
\"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.16\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1778861274\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.17\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1779174925\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.18\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1778887155\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.19::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.19\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1779289071\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": 
\"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.20::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.20\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1779288737\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.21::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.21\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1779420069\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-04-22T07:20:25.000Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-05-26T12:30:00.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2026-05-26T12:30:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2026:20720\", \"name\": \"RHSA-2026:20720\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20736\", \"name\": \"RHSA-2026:20736\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20763\", \"name\": \"RHSA-2026:20763\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20767\", \"name\": \"RHSA-2026:20767\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20782\", \"name\": \"RHSA-2026:20782\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": 
\"https://access.redhat.com/errata/RHSA-2026:20825\", \"name\": \"RHSA-2026:20825\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20866\", \"name\": \"RHSA-2026:20866\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20886\", \"name\": \"RHSA-2026:20886\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20890\", \"name\": \"RHSA-2026:20890\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20975\", \"name\": \"RHSA-2026:20975\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2026-7374\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2463728\", \"name\": \"RHBZ#2463728\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Update cluster RBAC to not allow exec into virt-launcher pods.\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in KubeVirt\u0027s virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host\u0027s container runtime (CRI-O) socket, an attacker can hijack virt-handler\u0027s privileged connection. 
This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-59\", \"description\": \"Improper Link Resolution Before File Access (\u0027Link Following\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2026-06-15T18:55:34.630Z\"}, \"x_redhatCweChain\": \"CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-7374\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-30T03:18:31.063Z\", \"dateReserved\": \"2026-04-29T06:46:44.106Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2026-05-26T13:14:53.851Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}