CyberRota
← Ana sayfaya dön

CVE-2026-13218

MEDIUM · CVSS 4.2 EPSS %0.11

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-26T00:16:51.147 · Çekilme zamanı: 2026-07-15T12:03:51.482275+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-13218
Severity
MEDIUM
CVSS
4.2
EPSS
%0.11

Orijinal NVD Açıklaması

A flaw was found in KubeVirt's virt-handler network cache handling. The WriteToCachedFile function writes data to a launcher-rooted path using os.WriteFile and os.Chown without symlink protection. A user with access to the virt-launcher container can plant a symlink at the cache file path, causing virt-handler to follow it and overwrite an arbitrary host file with JSON content and change its ownership.