Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: portainer Clear
ID Title
CVE-2026-44884 Vulnerability in github.com/portainer/portainer (CVE-2026-44884)
vulnerability in github.com/portainer/portainer (CVE-2026-44884). Confidential information can be exposed externally. Exploitable via `GET /api/custom_templates/{id}/file`. Mitigation: upgrade to `2.39.1` or later.
CVE-2026-44883 Vulnerability in github.com/portainer/portainer (CVE-2026-44883)
vulnerability in github.com/portainer/portainer (CVE-2026-44883). Successful exploitation can lead to full system takeover. Exploitable via ``Referer``. Mitigation: upgrade to `2.41.0` or later.
CVE-2026-44849 Vulnerability in github.com/portainer/portainer (CVE-2026-44849)
vulnerability in github.com/portainer/portainer (CVE-2026-44849). Successful exploitation can lead to full system takeover. Exploitable via `POST /services/create`. Mitigation: upgrade to `2.41.0` or later.
CVE-2026-44882 Authorization Flaw in github.com/portainer/portainer (CVE-2026-44882)
vulnerability in github.com/portainer/portainer (CVE-2026-44882). Confidential information can be exposed externally. Exploitable via ``kubeClientMiddleware``. Mitigation: upgrade to `2.33.8` or later.
CVE-2026-44881 Information Disclosure in github.com/portainer/portainer (CVE-2026-44881)
vulnerability in github.com/portainer/portainer (CVE-2026-44881). Successful exploitation can lead to full system takeover. Exploitable via `GET /api/stacks/{id}/file`. Mitigation: upgrade to `2.41.0` or later.
CVE-2026-44850 Authorization Flaw in github.com/portainer/portainer (CVE-2026-44850)
vulnerability in github.com/portainer/portainer (CVE-2026-44850). Confidential information can be exposed externally. Exploitable via `POST /containers/create`. Mitigation: upgrade to `2.41.0` or later.
CVE-2026-44885 Path Traversal in github.com/portainer/portainer (CVE-2026-44885)
path traversal in github.com/portainer/portainer (CVE-2026-44885). Data can be tampered with by attackers. Exploitable via ``ExtractTarGz``. Mitigation: upgrade to `2.33.8` or later.
CVE-2026-44848 Vulnerability in github.com/portainer/portainer (CVE-2026-44848)
vulnerability in github.com/portainer/portainer (CVE-2026-44848). Successful exploitation can lead to full system takeover. Exploitable via `POST /plugins/pull`. Mitigation: upgrade to `2.41.0` or later.
CVE-2024-29296 Vulnerability in portainer (CVE-2024-29296)
vulnerability in portainer (CVE-2024-29296). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →