CVE Alert

CVE-2026-7374

CRITICAL 9.9

KubeVirt virt-handler: privilege escalation and node compromise via symlink following vulnerability

CVSS Score: 9.9
EPSS Score: 0.1%
EPSS Percentile: 30th

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host's container runtime (CRI-O) socket, an attacker can hijack virt-handler's privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.

CWE: CWE-59
Vendor: Red Hat
Product: Red Hat Container Native Virtualization 4.12
Published: May 26, 2026
Last Updated: May 28, 2026

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Affected Versions

Red Hat / Red Hat Container Native Virtualization 4.12: All versions affected
Red Hat / Red Hat Container Native Virtualization 4.13: All versions affected
Red Hat / Red Hat Container Native Virtualization 4.14: All versions affected
Red Hat / Red Hat Container Native Virtualization 4.15: All versions affected
Red Hat / Red Hat Container Native Virtualization 4.16: All versions affected
Red Hat / Red Hat Container Native Virtualization 4.17: All versions affected
Red Hat / Red Hat Container Native Virtualization 4.18: All versions affected
Red Hat / Red Hat Container Native Virtualization 4.19: All versions affected
Red Hat / Red Hat Container Native Virtualization 4.2: All versions affected
Red Hat / Red Hat Container Native Virtualization 4.21: All versions affected

References

NVD, CVE.org, EPSS Data
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:20720
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:20736
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:20763
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:20767
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:20782
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:20825
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:20866
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:20886
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:20890
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:20975
access.redhat.com: https://access.redhat.com/security/cve/CVE-2026-7374
bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2463728

Credits

This issue was discovered by Sarah Bennert (Red Hat) and Stoyan Nikolov (Red Hat).