Cyber Posture

CVE-2026-24843

Severity: High
Published: 04 February 2026
Modified: 18 February 2026
KEV Added: not listed
Patch: fixed in melange 0.40.3
CVSS Score: 8.2 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H)
EPSS Score: 0.0001 (0.5th percentile)
Risk Priority: 16 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-24843 is a high-severity Path Traversal (CWE-22) vulnerability in Chainguard Melange. Its CVSS base score is 8.2 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Escape to Host (T1611). The CVE ranks at the 0.5th percentile by EPSS exploit likelihood (well below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Escape to Host (T1611).
What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

- SI-10 Information Input Validation (prevent): Directly requires validation of tar stream paths from the QEMU guest VM to ensure they remain within the workspace directory, preventing path traversal and unauthorized file writes on the host.

- SI-2 Flaw Remediation (prevent): Ensures timely identification, reporting, and patching of flaws like the path traversal vulnerability in melange versions before 0.40.3, eliminating the exploitable condition.

- Logical access control (prevent): Enforces logical access controls on host file system resources to restrict writes outside the intended workspace even if path traversal is attempted.

MITRE ATT&CK Enterprise Techniques

T1611 Escape to Host (Privilege Escalation)
Adversaries may break out of a container or virtualized environment to gain access to the underlying host.

Why these techniques?

Path traversal during tar extraction from the QEMU guest enables writing arbitrary files on the host, directly facilitating escape from the isolated guest environment to the underlying host.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

melange allows users to build apk packages using declarative pipelines. In versions 0.11.3 to before 0.40.3, an attacker who can influence the tar stream from a QEMU guest VM could write files outside the intended workspace directory on the host. The retrieveWorkspace function extracts tar entries without validating that paths stay within the workspace, allowing path traversal via ../ sequences. This issue has been patched in version 0.40.3.

Deeper analysis

CVE-2026-24843 is a path traversal vulnerability (CWE-22) in melange, a tool for building APK packages using declarative pipelines. The flaw affects versions 0.11.3 through 0.40.2, stemming from the retrieveWorkspace function, which extracts tar entries from a QEMU guest VM without validating that paths remain within the intended workspace directory. This allows attackers to use ../ sequences in tar streams to escape the workspace boundaries.

An attacker who can influence the tar stream from a QEMU guest VM can exploit this vulnerability to write arbitrary files outside the workspace directory on the host system. Per the CVSS v3.1 base score of 8.2 (AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H), exploitation requires local access, low attack complexity, no privileges, and user interaction; the impact on integrity and availability is rated high, and the scope is changed because files written from inside the guest land on the host, a different security authority.

The issue was patched in melange version 0.40.3. The Chainguard security advisory (GHSA-qxx2-7h4c-83f4) and patch commit (6e243d0d46699f837d7c392397a694d2bcc7612b) provide further details on the fix, which addresses the lack of path validation during tar extraction.
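The containment check the analysis describes as missing, shown as an added Go illustration that is not melange's code and not the actual patch: each entry name is resolved under the workspace root, and anything that lands outside it, or any link entry, is refused before a byte is written. Function names and the root path are assumptions; the sample tar stream is constructed in memory.

```go
package main

import (
	"archive/tar"
	"bytes"
	"fmt"
	"io"
	"path/filepath"
	"strings"
)

// SafeJoin resolves a tar entry name under root and rejects any result that
// lands outside root (illustrative containment check, not melange's own code).
func SafeJoin(root, name string) (string, error) {
	root = filepath.Clean(root)
	dest := filepath.Join(root, name) // Join collapses "../" segments
	if dest != root && !strings.HasPrefix(dest, root+string(filepath.Separator)) {
		return "", fmt.Errorf("tar entry %q escapes workspace (resolves to %q)", name, dest)
	}
	return dest, nil
}
// ResolveWorkspaceEntries maps tar entries to host paths; escapes and link entries are refused.
func ResolveWorkspaceEntries(root string, r io.Reader) ([]string, error) {
	var dests []string
	tr := tar.NewReader(r)
	for {
		hdr, err := tr.Next()
		if err == io.EOF {
			return dests, nil
		} else if err != nil {
			return dests, err
		}
		// Only regular files and directories are accepted: a link entry's target
		// would need the same containment check, so it is refused here.
		dest, err := SafeJoin(root, hdr.Name)
		if err != nil || hdr.Typeflag != tar.TypeReg && hdr.Typeflag != tar.TypeDir {
			return dests, fmt.Errorf("refusing %q (type %q): %v", hdr.Name, hdr.Typeflag, err)
		}
		dests = append(dests, dest)
	}
}
// BuildTar returns an in-memory tar of regular files (constructed sample input).
func BuildTar(entries [][2]string) io.Reader {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for _, e := range entries {
		tw.WriteHeader(&tar.Header{Name: e[0], Typeflag: tar.TypeReg, Size: int64(len(e[1]))})
		tw.Write([]byte(e[1]))
	}
	tw.Close()
	return &buf
}
```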

Details

CWE(s): CWE-22 Path Traversal

Affected Products: chainguard melange, versions 0.11.3 to 0.40.5

CVEs Like This One

- CVE-2026-24844 (same product: Chainguard Melange)
- CVE-2026-25143 (same product: Chainguard Melange)
- CVE-2026-28406 (same vendor: Chainguard)
- CVE-2026-25121 (same vendor: Chainguard)
- CVE-2026-28457 (shared CWE-22)
- CVE-2026-23954 (shared CWE-22)
- CVE-2026-25140 (same vendor: Chainguard)
- CVE-2026-27523 (shared CWE-22)
- CVE-2026-33945 (shared CWE-22)
- CVE-2026-32007 (shared CWE-22)
