CVE-2026-3864

MEDIUM 6.5

CSI Driver for NFS path traversal via subDir may delete unintended directories on the NFS server

CVSS Score

6.5

EPSS Score

0.1%

EPSS Percentile

16th

A vulnerability was discovered in the Kubernetes CSI Driver for NFS where the subDir parameter in volume identifiers was insufficiently validated. Attackers with the ability to create PersistentVolumes referencing the NFS CSI driver could craft volume identifiers containing path traversal sequences (../). During volume deletion or cleanup operations, the driver could operate on unintended directories outside the intended managed path within the NFS export. This may lead to deletion or modification of directories on the NFS server.

CWE	CWE-22
Vendor	kubernetes
Product	csi driver for nfs
Ecosystems	Container Cloud
Industries	Technology
Published	Mar 20, 2026
Last Updated	Mar 23, 2026

Stay Ahead of the Next One

Get instant alerts for kubernetes csi driver for nfs

Be the first to know when new medium vulnerabilities affecting kubernetes csi driver for nfs are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

Affected Versions

Kubernetes / CSI Driver for NFS

0 < 4.13.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

groups.google.com: https://groups.google.com/g/kubernetes-security-announce/c/i4ZKN9VLcUE github.com: https://github.com/kubernetes/kubernetes/issues/137797 openwall.com: http://www.openwall.com/lists/oss-security/2026/03/17/1

Credits

🔍 Shaul Ben Hai, Senior Staff Security Researcher, SentinelOne