CVE-2026-44882 | portainer Community Edition up to 2.33.7 authorization (GHSA-mgq6-4x29-88r3)

ID: 2325e5fa-6c23-5be2-8f9b-9f73fc16f430

STIX ID: report--2325e5fa-6c23-5be2-8f9b-9f73fc16f430

Feed Name: VulDB Recent Entries

Threat Score: 65/100

Date Published: 2026-05-29

Date Updated: 2026-05-29

Author: vuldb.com

Portainer Community Edition up to 2.33.7 has a critical authorization bypass (CVE-2026-44882) in kubeClientMiddleware: the middleware can forward requests when secondary token validation fails. This potentially allows attackers with a valid Portainer session to access Kubernetes endpoints they should not, impacting confidentiality, integrity, and availability. Upgrading to 2.33.8 is recommended.
