CVE-2026-46680
high
CVSS v3
—
CVSS v2
—
VIR risk
8.0
Description
containerd user ID handling bypass allows runAsNonRoot evasion
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Go | github.com/containerd/containerd | >=1.7.27,<1.7.32 | 1.7.32 |
| Go | github.com/containerd/containerd/v2 | >=2.0.4,<2.0.9 | 2.0.9 |
| Go | github.com/containerd/containerd/v2 | >=2.1.0-beta.0,<2.2.4 | 2.2.4 |
| Go | github.com/containerd/containerd/v2 | >=2.3.0-beta.0,<2.3.1 | 2.3.1 |
| GO | github.com/containerd/containerd/v2 | >= 2.3.0-beta.0, < 2.3.1 | 2.3.1 |
| GO | github.com/containerd/containerd/v2 | >= 2.1.0-beta.0, < 2.2.4 | 2.2.4 |
| GO | github.com/containerd/containerd/v2 | >= 2.0.4, < 2.0.9 | 2.0.9 |
| GO | github.com/containerd/containerd | >= 1.7.27, < 1.7.32 | 1.7.32 |
References
Verify integrity in audit chain (admin only). AS-IS.