EXECUTIVE SUMMARY:
Six vulnerabilities affecting Portainer primarily involve authorization controls, container security restrictions, token handling, and file access mechanisms. The flaws allow attackers or low-privileged users to bypass endpoint security policies, access Kubernetes resources, leak JWT authentication tokens, read arbitrary files from the host system, bypass bind-mount protections, and even achieve remote code execution on the host through improperly protected Docker plugin endpoints. Several vulnerabilities stem from insufficient validation, missing authorization checks, unsafe symlink handling, and improper middleware execution logic. Successful exploitation could lead to privilege escalation, unauthorized container management, credential exposure, Kubernetes compromise, host filesystem access, and full infrastructure takeover in Docker or Kubernetes environments.
CVE-2026-44883 with a CVSS score of 7.7 – Portainer's authentication middleware accepts JWT bearer tokens passed as the `?token=` URL query parameter on any authenticated API endpoint, allowing an attacker to harvest a leaked token from logs or HTTP `Referer` headers.
CVE-2026-44849 with a CVSS score of 9.4 – Portainer enforces seven `EndpointSecuritySettings` restrictions that administrators configure to restrict the container configurations non-admin users can launch, but these restrictions are not applied on the Docker Swarm service API, allowing a non-admin user with access to a Docker Swarm endpoint to create a service with elevated capabilities.
CVE-2026-44882 with a CVSS score of 8.1 – Portainer's Kubernetes middleware continues after token validation failure, bypassing endpoint authorization and allowing a low-privileged user to reach Kubernetes API endpoints on environments their role does not permit.
CVE-2026-44881 with a CVSS score of 8.5 – Portainer has an arbitrary file read via Git symlink injection in stack auto-update, allowing an attacker to read sensitive data from the host filesystem by creating a Git-backed stack with a malicious `docker-compose.yml` file.
CVE-2026-44850 with a CVSS score of 8.5 – Portainer has a bind-mount restriction bypass via HostConfig.Mounts, allowing a regular user with container-create rights on an environment where the restriction is enabled to mount any host path into their container.
CVE-2026-44848 with a CVSS score of 9.4 – Portainer is missing authorization on Docker plugin endpoints, which allows host RCE: an attacker can install and enable arbitrary Docker plugins from any registry and execute plugin code with root privileges on the host.
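The token-handling flaw (CVE-2026-44883) is the one most easily illustrated from the defender's side. The Go program below is an added example, not Portainer's own code: it shows a hypothetical replacement middleware that rejects any request carrying a `?token=` query parameter (even when the token is valid), accepts only header-borne bearer tokens, and sets `Referrer-Policy: no-referrer` so that browsers do not forward request URLs to other origins. It also goes one step beyond the advisory text with a detection helper that scans access-log lines for request targets containing a `token` parameter, since each such line is a credential already written to disk. The handler names, the `ValidToken` stand-in for JWT verification, and the log lines are all constructed for this example.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"regexp"
	"strings"
)

// ValidToken is a constructed sample credential; a real deployment verifies a signed JWT.
const ValidToken = "sample-valid-token"

// bearerFromHeader returns the token from an "Authorization: Bearer ..." header,
// or an empty token plus a reason when no usable header is present.
func bearerFromHeader(r *http.Request) (string, string) {
	const prefix = "Bearer "
	h := r.Header.Get("Authorization")
	if !strings.HasPrefix(h, prefix) || len(h) == len(prefix) {
		return "", "missing bearer token in Authorization header"
	}
	return strings.TrimPrefix(h, prefix), ""
}

// HeaderOnlyAuth is a hypothetical middleware: it refuses any request that carries a
// ?token= query parameter so that credentials never travel in URLs, and otherwise
// accepts only header-borne bearer tokens.
func HeaderOnlyAuth(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// Defence in depth: browsers must not send this URL as a Referer elsewhere.
		w.Header().Set("Referrer-Policy", "no-referrer")
		if _, present := r.URL.Query()["token"]; present {
			http.Error(w, "unauthorized: credentials in query string are not accepted", http.StatusUnauthorized)
			return
		}
		tok, reason := bearerFromHeader(r)
		if reason != "" {
			http.Error(w, "unauthorized: "+reason, http.StatusUnauthorized)
			return
		}
		if tok != ValidToken { // stand-in for JWT signature and expiry verification
			http.Error(w, "unauthorized: invalid token", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// Probe sends one request through the middleware and returns the HTTP status code.
func Probe(target, authHeader string) int {
	ok := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) })
	req := httptest.NewRequest(http.MethodGet, target, nil)
	if authHeader != "" {
		req.Header.Set("Authorization", authHeader)
	}
	rec := httptest.NewRecorder()
	HeaderOnlyAuth(ok).ServeHTTP(rec, req)
	return rec.Code
}

// requestLine matches the quoted request target in a common-log-format line.
var requestLine = regexp.MustCompile(`"(?:GET|POST|PUT|PATCH|DELETE) (\S+) HTTP/`)

// FlagTokenInURL returns the access-log lines whose request target carries a
// token query parameter; each one is a credential that has been written to disk.
func FlagTokenInURL(lines []string) []string {
	var flagged []string
	for _, line := range lines {
		m := requestLine.FindStringSubmatch(line)
		if m == nil {
			continue
		}
		u, err := url.ParseRequestURI(m[1])
		if err != nil {
			continue
		}
		if _, present := u.Query()["token"]; present {
			flagged = append(flagged, line)
		}
	}
	return flagged
}

// SampleAccessLog is constructed for this example; the token value is a placeholder.
var SampleAccessLog = []string{
	`10.0.0.5 - - [01/Jan/2026:10:00:00 +0000] "GET /api/endpoints?token=PLACEHOLDER_JWT HTTP/1.1" 200 512`,
	`10.0.0.6 - - [01/Jan/2026:10:00:01 +0000] "GET /api/endpoints HTTP/1.1" 200 512`,
	`10.0.0.7 - - [01/Jan/2026:10:00:02 +0000] "GET /api/stacks?filters=%7B%7D HTTP/1.1" 200 128`,
}

func main() {
	fmt.Println("header token:", Probe("/api/endpoints", "Bearer "+ValidToken))
	fmt.Println("query token: ", Probe("/api/endpoints?token="+ValidToken, ""))
	for _, l := range FlagTokenInURL(SampleAccessLog) {
		fmt.Println("credential recorded in access log:", l)
	}
}
```

Rejecting the query parameter outright, rather than merely ignoring it, is deliberate: a client that still sends `?token=` is leaking credentials into logs and proxies regardless of whether the server honours them, and a hard 401 surfaces that client for remediation. The log scanner is the corresponding detective control for tokens that have already been recorded.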
RECOMMENDATION:
We strongly recommend you update github.com/portainer/portainer to the fixed versions given in the advisories below:
CVE-2026-44883: https://github.com/advisories/GHSA-jvp4-q659-95mj
CVE-2026-44849: https://github.com/advisories/GHSA-5fxq-qcf3-244w
CVE-2026-44882: https://github.com/advisories/GHSA-mgq6-4x29-88r3
CVE-2026-44881: https://github.com/advisories/GHSA-rpgq-m5fp-32wr
CVE-2026-44850: https://github.com/advisories/GHSA-7fw3-x4r2-g7wc
CVE-2026-44848: https://github.com/advisories/GHSA-rrmm-9v76-h3p4
REFERENCES:
The following reports contain further technical details:
https://github.com/advisories/GHSA-jvp4-q659-95mj
https://github.com/advisories/GHSA-5fxq-qcf3-244w
https://github.com/advisories/GHSA-mgq6-4x29-88r3
https://github.com/advisories/GHSA-rpgq-m5fp-32wr
https://github.com/advisories/GHSA-7fw3-x4r2-g7wc
https://github.com/advisories/GHSA-rrmm-9v76-h3p4