CVE-2026-7374

PUBLISHED
Published: 26 May 2026, 13:14
Last modified:26 May 2026, 13:14

Vulnerability Summary

Overall Risk (default)
high
70/100
CVSS Score
9.9 CRITICAL
v3.1 (cve.org)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

26 May 2026, 13:14
Published
Vulnerability first disclosed

Description

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host's container runtime (CRI-O) socket, an attacker can hijack virt-handler's privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.

CVSS Metrics

  • v3.1CRITICALScore: 9.9CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Techniques & Countermeasures

  • CWE-59Improper Link Resolution Before File Access ('Link Following')

    The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (2)