CVE-2026-41326
Published: 24 April 2026
Summary
CVE-2026-41326 is a high-severity UNIX Symbolic Link (Symlink) Following (CWE-61) vulnerability in Katacontainers Confidential Containers. Its CVSS base score is 8.2 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Ingress Tool Transfer (T1105). The CVE ranks at the 18.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-25611
Vulnerability details
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy (and perhaps the CopyFile handler) allows untrusted hosts to write to arbitrary locations inside the guest workload image. This can be used to overwrite binaries inside the guest and exfiltrate data from containers, even those running inside CVMs. This vulnerability is fixed in v3.29.0.
Related Threats
MITRE ATT&CK Enterprise Techniques AI
Why these techniques?
Arbitrary file write from untrusted host into guest enables direct ingress of tools/binaries (T1105) and hijacking execution by overwriting guest binaries (T1574).
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Use of granular security and privacy attributes enables finer access control than coarse permission models alone.
Documenting interface characteristics enables more granular control over internal access.
Requires the architecture to describe granularity and placement of controls, preventing insufficiently fine-grained access decisions.
Provides the necessary granularity by placing system management functions outside the reach of user-level access controls.
Isolation supplies an explicit, enforceable granularity boundary between security and non-security functions that coarser access-control schemes lack.