๐Ÿ” CVE Alert

CVE-2026-46680

UNKNOWN 0.0

containerd user ID handling bypass allows runAsNonRoot evasion

CVSS Score: 0.0
EPSS Score: 0.0%
EPSS Percentile: 0th

containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username, leading to runAsNonRoot evasion. If a crafted image provides an /etc/passwd file mapping this large numeric string to root, the container ultimately runs as root (UID 0). This allows the Kubernetes runAsNonRoot restriction to be bypassed, causing unexpected behavior for environments that require containers to run as a non-root user. This issue has been fixed in versions 1.7.32, 2.0.9, 2.2.4 and 2.3.1.
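An added example, not code from containerd or from the advisory: a Go check that an image-audit or CI step could run over an image's configured User value to flag the pattern described above, an all-digit string too large for 32 bits. It assumes the signed 32-bit bound as the conservative cutoff (the description only says "32-bit integer"); the function names and sample values are constructed for illustration.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Verdict says how an audit step should treat an image's User value.
type Verdict string

const (
	Empty         Verdict = "empty"          // no user set in the image config
	NumericID     Verdict = "numeric-id"     // parses as a 32-bit integer
	Username      Verdict = "username"       // resolved through the image's /etc/passwd
	OverflowingID Verdict = "overflowing-id" // all digits, but too large for 32 bits
)

// ClassifyUser inspects the user part of a "user[:group]" value.
// Assumption: signed 32-bit is used as the conservative cutoff.
func ClassifyUser(user string) Verdict {
	name, _, _ := strings.Cut(strings.TrimSpace(user), ":")
	if name == "" {
		return Empty
	}
	for _, r := range name {
		if r < '0' || r > '9' {
			return Username
		}
	}
	// Only digits remain, so the sole possible error is a range error.
	if _, err := strconv.ParseInt(name, 10, 32); err != nil {
		return OverflowingID
	}
	return NumericID
}

// NeedsReview flags values an admission or CI check should reject or escalate.
func NeedsReview(user string) bool {
	return ClassifyUser(user) == OverflowingID
}

func main() {
	// Constructed sample values, not taken from any real image.
	for _, u := range []string{"1000", "1000:1000", "nobody", "", "99999999999"} {
		fmt.Printf("%-14q %-15s review=%v\n", u, ClassifyUser(u), NeedsReview(u))
	}
}
```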

CWE: CWE-269
Vendor: containerd
Product: containerd
Published: Jul 1, 2026
Last Updated: Jul 2, 2026

Affected Versions

containerd / containerd
< 1.7.32
>= 2.0.4, < 2.0.9
>= 2.0.10, < 2.2.4
>= 2.2.5, < 2.3.1

References

github.com: https://github.com/containerd/containerd/security/advisories/GHSA-fqw6-gf59-qr4w