VDB
CGA-8cq6-jhmj-qfmr
CGA-8cq6-jhmj-qfmr
PUBLISHED
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wolfi | nvidia-container-toolkit | 0, 0, 0 |
| Chainguard | nvidia-container-toolkit-nvidia-container-runtime-legacy | 0, 0, 0 |
| Chainguard | nvidia-container-toolkit-nvidia-container-runtime-cdi | 0, 0, 0 |
| Wolfi | nvidia-container-toolkit-nvidia-ctk-installer | 0, 0, 0 |
| Chainguard | nvidia-container-toolkit-nvidia-container-runtime | 0, 0, 0 |
| Chainguard | nvidia-container-toolkit | 0, 0, 0 |
| Wolfi | nvidia-container-toolkit-containerd | 0, 0, 0 |
| Chainguard | nvidia-container-toolkit-operator | 0, 0, 0 |
| Wolfi | nvidia-container-toolkit-docker | 0, 0, 0 |
| Wolfi | nvidia-container-toolkit-crio | 0, 0, 0 |
| Wolfi | nvidia-container-toolkit-operator | 0, 0, 0 |
| Chainguard | nvidia-container-toolkit-nvidia-container-runtime-hook | 0, 0, 0 |
| Chainguard | nvidia-container-toolkit-nvidia-toolkit | 0, 0, 0 |
| Wolfi | nvidia-container-toolkit-nvidia-cdi-hook | 0, 0, 0 |
| Chainguard | nvidia-container-toolkit-toolkit | 0, 0, 0 |
| Wolfi | nvidia-container-toolkit-nvidia-container-runtime-legacy | 0, 0, 0 |
| Wolfi | nvidia-container-toolkit-nvidia-container-runtime-cdi | 0, 0, 0 |
| Wolfi | nvidia-container-toolkit-toolkit | 0, 0, 0 |
| Wolfi | nvidia-container-toolkit-nvidia-container-runtime-hook | 0, 0, 0 |
| Wolfi | nvidia-container-toolkit-nvidia-ctk | 0, 0, 0 |
…and 8 more
Exploit Intelligence
- Original security research into container boundary weaknesses. Published: OCI hook privilege escalation in rootless Podman deployments (CVE-2025-23266). (github-poc-repo)
- Original security research into container boundary weaknesses. Published: OCI hook privilege escalation in rootless Podman deployments (CVE-2025-23266). (github-poc)
- CVE-2025-23266 – Fully Weaponized NVIDIA Container Toolkit Exploit (github-poc-repo)
- Original security research into container boundary weaknesses. Published: OCI hook privilege escalation in rootless Podman deployments (CVE-2025-23266). (github-poc-repo)
- Original security research into container boundary weaknesses. Published: OCI hook privilege escalation in rootless Podman deployments (CVE-2025-23266). (github-poc)
- CVE-2025-23266 targets FastAPI’s parse_request() function, where oversized HTTP headers cause a buffer overflow and remote code execution. The article explains how attackers can escape container boundaries, compromise AI workloads, and how tools like Sentinel can detect and mitigate the threat (github-poc)
- cve-2025-23266-migration-bypass (github-poc)
- CVE-2025-23266 – Fully Weaponized NVIDIA Container Toolkit Exploit (github-poc)
- PoC for NVIDIAScape bug (github-poc)
- vul.go (github-poc)
…and 8 more exploits
Timeline
- Jan 29, 2026 CVE Published
- Feb 4, 2026 CVE Updated