
CVE-2026-28406

Severity: High (updated)
Published: 27 February 2026
Modified: 30 June 2026
KEV Added: not listed
Patch: 1.25.10
CVSS Score v3.1: 8.2 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L)
EPSS Score: 0.0056 (42.3rd percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-28406 is a high-severity Path Traversal (CWE-22) vulnerability in Chainguard Kaniko. Its CVSS base score is 8.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked at the 42.3rd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-28406 is a path traversal vulnerability (CWE-22) affecting kaniko, a tool for building container images from a Dockerfile within a container or Kubernetes cluster. The issue impacts versions starting from 1.25.4 up to but not including 1.25.10. Kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without ensuring the resolved path remains within the intended destination directory, allowing malicious tar entries like `../outside.txt` to escape the extraction root and write files outside it. The vulnerability carries a CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L).

Attackers can exploit this vulnerability remotely with no privileges or user interaction required by supplying a malicious tar archive as the build context. This enables arbitrary file writes outside the extraction directory. In environments configured with registry authentication, the vulnerability can be chained with Docker credential helpers to achieve code execution within the kaniko executor process.

The fix in version 1.25.10 replaces the insecure path joining with securejoin for tar extraction path resolution. Relevant advisories and patches are detailed in the GitHub security advisory (GHSA-6rxq-q92g-4rmf), pull request #326, and commit a370e4b1f66e6e842b685c8f70ed507964c4b221 from the chainguard-forks/kaniko repository. Security practitioners should upgrade to 1.25.10 or later and validate build contexts from untrusted sources.
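To make the defect concrete, here is an added illustration (not code from the kaniko project or from the advisory) that places the vulnerable `filepath.Join(dest, cleanedName)` pattern beside a containment check written with the Go standard library only. The function names `unsafeExtractPath` and `safeExtractPath` and the sample entry names are assumptions; the actual fix uses the securejoin library, which additionally resolves symlinks beneath `dest`.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

var ErrPathEscape = errors.New("tar entry escapes extraction root")

// unsafeExtractPath mirrors the pattern the advisory describes: Clean and Join
// normalise the entry name but never verify that the result is still under dest.
func unsafeExtractPath(dest, name string) string {
	cleanedName := filepath.Clean(name)
	return filepath.Join(dest, cleanedName)
}

// safeExtractPath joins the entry name onto dest and then rejects any result
// whose path relative to dest starts with "..". This is a standard-library
// containment check (an assumption of this example), not securejoin itself,
// so it does not follow symlinks that already exist inside dest.
func safeExtractPath(dest, name string) (string, error) {
	absDest, err := filepath.Abs(dest)
	if err != nil {
		return "", err
	}
	target := filepath.Join(absDest, filepath.Clean(name))
	rel, err := filepath.Rel(absDest, target)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("%w: %q", ErrPathEscape, name)
	}
	return target, nil
}

func main() {
	// Constructed sample entry names: one benign, the advisory's "../outside.txt",
	// an absolute name, and a traversal hidden behind a cleaned prefix.
	for _, name := range []string{"app/main.go", "../outside.txt", "/etc/passwd", "a/../../b"} {
		fmt.Printf("%-16s unsafe -> %s\n", name, unsafeExtractPath("/build/ctx", name))
		if p, err := safeExtractPath("/build/ctx", name); err != nil {
			fmt.Printf("%-16s safe   -> rejected (%v)\n", name, err)
		} else {
			fmt.Printf("%-16s safe   -> %s\n", name, p)
		}
	}
}
```

Note that `filepath.Join` turns an absolute entry name into a path under `dest`, so the escape comes only from `..` segments that survive cleaning.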

Vulnerability details

kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without enforcing that the final path stays within `dest`. A tar entry like `../outside.txt` escapes the extraction root and writes files outside the destination directory. In environments with registry authentication, this can be chained with docker credential helpers to achieve code execution within the executor process. Version 1.25.10 uses securejoin for path resolution in tar extraction.

CWE(s): CWE-22 (Path Traversal)

Related Threats

MITRE ATT&CK Enterprise Techniques [AI]

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1574.008 Path Interception by Search Order Hijacking (Stealth): Adversaries may execute their own malicious payloads by hijacking the search order used to load other programs.

Why these techniques?

Path traversal enables remote unauthenticated exploitation of a network-accessible build tool (T1190) and arbitrary file writes to hijack credential helper execution via PATH search order (T1574.008).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-24843 (same vendor: Chainguard)
CVE-2026-25121 (same vendor: Chainguard)
CVE-2025-2505 (shared CWE-22)
CVE-2026-5841 (shared CWE-22)
CVE-2026-33242 (shared CWE-22)
CVE-2026-33292 (shared CWE-22)
CVE-2026-35605 (shared CWE-22)
CVE-2025-53632 (shared CWE-22)
CVE-2025-8110 (shared CWE-22)
CVE-2026-8757 (shared CWE-22)

Affected Assets

Vendor: chainguard
Product: kaniko
Versions: 1.25.4 to 1.25.10 (fixed in 1.25.10)

Mitigating Controls (NIST 800-53 r5) [AI]

Prevent (SI-10, Information Input Validation): Directly addresses the path traversal vulnerability by requiring validation of file paths in tar build contexts to ensure they remain within the intended destination directory.

Prevent (SI-2, Flaw Remediation): Mandates timely flaw remediation by upgrading kaniko to version 1.25.10 or later, which implements secure path resolution with securejoin.

Prevent: Restricts processing of untrusted or malformed build context inputs, such as malicious tar archives containing path traversal payloads.
