Cyber Resilience

CVE-2026-25996

Medium · Public PoC

Published: 12 February 2026
Modified: 16 March 2026
KEV Added
Patch
CVSS Score v4: 6.9 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0056 (42.2th percentile)
Risk Priority: 35 (floored blend · peak EPSS)

Summary

CVE-2026-25996 is a medium-severity Improper Neutralization of Escape, Meta, or Control Sequences (CWE-150) vulnerability in Linuxfoundation Inspektor Gadget. Its CVSS base score is 6.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks at the 42.2th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-15 (Information Output Filtering) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-25996 is a high-severity vulnerability (CVSS 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) affecting Inspektor Gadget, an open-source framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF technology. The issue stems from string fields in eBPF events being rendered to the terminal in columns output mode without sanitization of control characters or ANSI escape sequences. Columns output is the default mode when running `ig run` interactively, so forged event payloads can inject escape sequences directly into the operator's terminal.

An attacker who can generate a maliciously forged event payload from an observed container can exploit this remotely with low complexity and no privileges or user interaction required. The payload injection targets the terminal of Inspektor Gadget operators monitoring the cluster, enabling various effects such as terminal manipulation, potentially leading to high impacts on confidentiality, integrity, and availability as scored by CVSS. Exploitation relies on the attacker's ability to influence eBPF events from within a container under observation (CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences).

Mitigation is available via the Inspektor Gadget release v0.49.1, which includes a fix in commit d59cf72971f9b7110d9c179dc8ae8b7a11dbd6d2 to sanitize string fields. Security practitioners should update to this version or later and review the GitHub Security Advisory GHSA-34r5-6j7w-235f for full details on the patch and affected versions.

Vulnerability details

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences. Therefore, a maliciously forged (partially or completely) event payload, coming from an observed container, might inject the escape sequences into the terminal of ig operators, with various effects. The columns output mode is the default when running `ig run` interactively.
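The output filtering this class of bug calls for, shown as an added Go example. It is not the project's fix from v0.49.1; `SanitizeField`, `RenderRow` and the sample event are hypothetical names and constructed data used only for illustration.

```go
package main

import (
	"fmt"
	"strings"
	"unicode"
	"unicode/utf8"
)

// SanitizeField makes an untrusted event string safe to print in a terminal column.
// Control characters (C0, DEL, C1) and invalid UTF-8 bytes are rewritten as
// visible \u00NN / \xNN text, so an ESC byte can no longer start an ANSI sequence.
func SanitizeField(s string) string {
	var b strings.Builder
	for i := 0; i < len(s); {
		r, size := utf8.DecodeRuneInString(s[i:])
		switch {
		case r == utf8.RuneError && size == 1: // invalid byte, e.g. a raw 0x9b (8-bit CSI)
			fmt.Fprintf(&b, `\x%02x`, s[i])
		case unicode.IsControl(r): // ESC, BEL, CR, LF, TAB, DEL, U+0080..U+009F
			fmt.Fprintf(&b, `\u%04x`, r)
		default:
			b.WriteRune(r)
		}
		i += size
	}
	return b.String()
}

// RenderRow pads each sanitized field to its column width, the way a columns
// formatter would before writing the row to the operator's terminal.
func RenderRow(fields []string, widths []int) string {
	cols := make([]string, len(fields))
	for i, f := range fields {
		cols[i] = fmt.Sprintf("%-*s", widths[i], SanitizeField(f))
	}
	return strings.TrimRight(strings.Join(cols, " "), " ")
}

func main() {
	// Constructed event: the second field carries a clear-screen sequence and a
	// carriage return; after sanitization both appear as inert visible text.
	event := []string{"1337", "sh\x1b[2J\rtrusted-row", "/bin/sh"}
	fmt.Println(RenderRow(event, []int{6, 28, 10}))
}
```

Sanitizing at render time keeps the raw event intact for JSON or other machine-readable outputs while protecting the interactive terminal.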

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques · AI

T1203 Exploitation for Client Execution (tactic: Execution)
Adversaries may exploit software vulnerabilities in client applications to execute code.
T1059.004 Unix Shell (tactic: Execution)
Adversaries may abuse Unix shell commands and scripts for execution.
Why these techniques?

Unsanitized eBPF event output enables terminal escape sequence injection from a monitored container into the operator's interactive ig session, directly facilitating client application exploitation (T1203) that can result in Unix shell command execution or output manipulation (T1059.004) on the defender host.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-24905 · Same product: Linuxfoundation Inspektor Gadget
CVE-2026-40938 · Same vendor: Linuxfoundation
CVE-2026-32604 · Same vendor: Linuxfoundation
CVE-2026-27965 · Same vendor: Linuxfoundation
CVE-2026-32613 · Same vendor: Linuxfoundation
CVE-2024-24416 · Same vendor: Linuxfoundation
CVE-2026-27571 · Same vendor: Linuxfoundation
CVE-2026-24835 · Same vendor: Linuxfoundation
CVE-2026-33009 · Same vendor: Linuxfoundation
CVE-2025-68136 · Same vendor: Linuxfoundation

Affected Assets

Vendor: linuxfoundation
Product: inspektor gadget
Version: ≤ 0.49.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

Prevent: Directly requires filtering of string fields from eBPF events prior to terminal output to block control characters and ANSI escape sequences.

Prevent: Mandates timely identification, reporting, and correction of flaws like the lack of output sanitization fixed in Inspektor Gadget v0.49.1.

Prevent: Enforces validation of eBPF event inputs from containers to reject forged payloads containing malicious escape sequences before rendering.
