CVE-2026-7374

Critical · Updated

Published: 26 May 2026
Modified: 30 June 2026
KEV Added: not listed
Patch: none recorded
CVSS Score (v3.1): 9.9, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score: 0.0060 (44.1st percentile)
Risk Priority: 70 (floored blend · peak EPSS)

Summary

CVE-2026-7374 is a critical-severity Link Following (CWE-59) vulnerability affecting Red Hat (vendor inferred from references). Its CVSS base score is 9.9 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE is ranked at the 44.1st percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

Vulnerability details

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host's container runtime (CRI-O) socket, an attacker can hijack virt-handler's privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.
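The class of check whose absence the description above attributes to virt-handler is a symlink-aware path validation before a privileged component connects to a socket it did not create. The Go program below is an added example, not KubeVirt's or Red Hat's own code: the hypothetical CheckConsoleSocket helper resolves a socket name under a fixed root directory component by component with os.Lstat, rejects any component that is a symlink (a swapped socket file or a symlinked parent directory), rejects anything that is not a Unix domain socket, and refuses names that escape the root. The root directory, the socket names and the temp-dir layout built in main are all constructed for the demonstration.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"os"
	"path/filepath"
	"strings"
)

// Added example, not KubeVirt's own code. CheckConsoleSocket is a hypothetical
// helper: it validates that root/name is a real Unix domain socket reachable
// without following any symlink, which is the validation the CVE description
// says virt-handler lacked.

var (
	ErrSymlink   = errors.New("refusing to follow symlink in socket path")
	ErrNotSocket = errors.New("path is not a unix domain socket")
	ErrBadName   = errors.New("invalid socket name")
)

// CheckConsoleSocket returns root/name if every path component under root is
// a plain directory or file (never a symlink) and the final entry is a Unix
// domain socket. os.Lstat reports on the link itself rather than its target,
// so a symlink planted at any level is detected instead of silently followed.
func CheckConsoleSocket(root, name string) (string, error) {
	cleaned := filepath.Clean(name)
	sep := string(filepath.Separator)
	// Reject absolute names and anything that climbs out of root.
	if filepath.IsAbs(cleaned) || cleaned == "." || cleaned == ".." ||
		strings.HasPrefix(cleaned, ".."+sep) {
		return "", fmt.Errorf("%w: %q", ErrBadName, name)
	}
	// Walk component by component so a symlinked parent directory is caught
	// exactly like a symlinked socket file.
	cur := root
	var fi os.FileInfo
	for _, part := range strings.Split(cleaned, sep) {
		cur = filepath.Join(cur, part)
		var err error
		fi, err = os.Lstat(cur)
		if err != nil {
			return "", err
		}
		if fi.Mode()&os.ModeSymlink != 0 {
			return "", fmt.Errorf("%w: %s", ErrSymlink, cur)
		}
	}
	if fi.Mode()&os.ModeSocket == 0 {
		return "", fmt.Errorf("%w: %s", ErrNotSocket, cur)
	}
	return cur, nil
}

// main builds a constructed layout in a temp directory: a real listening
// socket, a symlink to it named like a console socket, and a symlinked
// directory, then shows which names the check accepts.
func main() {
	dir, err := os.MkdirTemp("", "vm")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)

	real := filepath.Join(dir, "real.sock")
	ln, err := net.Listen("unix", real)
	if err != nil {
		panic(err)
	}
	defer ln.Close()
	_ = os.Symlink(real, filepath.Join(dir, "console.sock")) // swapped socket
	_ = os.Symlink(dir, filepath.Join(dir, "linkdir"))       // swapped directory

	for _, name := range []string{"real.sock", "console.sock", "linkdir/real.sock", "../etc/passwd"} {
		p, err := CheckConsoleSocket(dir, name)
		fmt.Printf("%-18s -> path=%q err=%v\n", name, p, err)
	}
}
```

A Lstat walk still leaves a time-of-check to time-of-use window between the check and the connect; on Linux the race-free form is to open each component with O_PATH|O_NOFOLLOW, or to use openat2 with RESOLVE_NO_SYMLINKS and RESOLVE_BENEATH relative to a directory descriptor for the root, and connect through the descriptor obtained that way. On the detection side, a symlink appearing in a directory that should only ever contain sockets owned by the virtualization component is a strong signal worth alerting on.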

CWE(s)

CWE-59 Link Following

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-mapped)

- T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation). Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
- T1611 Escape to Host (tactic: Privilege Escalation). Adversaries may break out of a container or virtualized environment to gain access to the underlying host.
Why these techniques?

The symlink validation flaw sits in a privileged KubeVirt component, so it directly enables a container-to-host escape (T1611) and node-level privilege escalation (T1068) starting from edit access in a single namespace.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

- CVE-2025-49739 (shared CWE-59)
- CVE-2025-21419 (shared CWE-59)
- CVE-2025-15310 (shared CWE-59)
- CVE-2025-43220 (shared CWE-59)
- CVE-2025-60710 (shared CWE-59)
- CVE-2025-29795 (shared CWE-59)
- CVE-2025-15319 (shared CWE-59)
- CVE-2025-21391 (shared CWE-59)
- CVE-2025-43257 (shared CWE-59)
- CVE-2025-63946 (shared CWE-59)

Affected Assets

Red Hat (inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References