VDB
CVE-2026-9804
CVE-2026-9804
PUBLISHED
CVSS 7.7 HIGH
Reported by redhat · Published May 28, 2026
A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link (symlink) within an exported filesystem Persistent Volume Claim (PVC) that points outside its designated mount root, the attacker can read arbitrary files from the exporter pod's filesystem. This leads to information disclosure, potentially exposing sensitive data.
Risk Scores
CVSS 3.1
7.7
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Container Native Virtualization 4.17 | 1781757410 |
| Red Hat | Red Hat Container Native Virtualization 4.18 | 1781928221 |
| Red Hat | Red Hat Container Native Virtualization 4.19 | 1781590993 |
| Red Hat | Red Hat Container Native Virtualization 4.20 | 1781838712 |
| Red Hat | Red Hat Container Native Virtualization 4.21 | 1782012918 |
| Red Hat | Red Hat OpenShift Virtualization 4 | |
| Red Hat | Red Hat Container Native Virtualization 4.18 | 1781928221, 1781928221, 1781928221 |
| Red Hat | Red Hat OpenShift Virtualization 4 | |
| Red Hat | Red Hat OpenShift Virtualization 4 | |
| Red Hat | Red Hat OpenShift Virtualization 4 | |
| Red Hat | Red Hat Container Native Virtualization 4.20 | |
| kubevirt.io | kubevirt | 0 |
| Red Hat | Red Hat Container Native Virtualization 4.17 | 1781757410, 1781757410, 1781757410 |
| Red Hat | Red Hat Container Native Virtualization 4.20 | 1781838712, 1781838712, 1781838712 |
| Red Hat | Red Hat Container Native Virtualization 4.21 | 1782012918, 1782012918, 1782012918 |
| Red Hat | Red Hat Container Native Virtualization 4.19 | 1781590993, 1781590993, 1781590993 |
| Red Hat | Red Hat Container Native Virtualization 4.21 | |
| Red Hat | Red Hat Container Native Virtualization 4.18 | |
| Red Hat | Red Hat Container Native Virtualization 4.19 | |
| Red Hat | Red Hat Container Native Virtualization 4.17 |
Timeline
- May 28, 2026 CVE Published
- May 28, 2026 EPSS Score
- May 29, 2026 EPSS Score
- May 30, 2026 EPSS Score
- May 30, 2026 Coalition ESS Score
- May 31, 2026 EPSS Score
- Jun 1, 2026 EPSS Score
- Jun 2, 2026 Security Advisory
- Jun 5, 2026 EPSS Score
- Jun 22, 2026 CVE Updated
- Jun 23, 2026 Distribution Patch
- Jun 23, 2026 Distribution Patch
References
- RHSA-2026:27903 vendor-advisoryx_refsource_REDHAT
- RHSA-2026:27913 vendor-advisoryx_refsource_REDHAT
- RHSA-2026:27914 vendor-advisoryx_refsource_REDHAT
- RHSA-2026:27983 vendor-advisoryx_refsource_REDHAT
- RHSA-2026:28002 vendor-advisoryx_refsource_REDHAT
- vdb-entryx_refsource_REDHAT
- RHBZ#2482487 issue-trackingx_refsource_REDHAT
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-9804.json url
- https://nvd.nist.gov/vuln/detail/CVE-2026-9804 advisory
- https://github.com/advisories/GHSA-mpmf-3w4r-qfpf advisory
- https://github.com/kubevirt/kubevirt/commit/6ea563fa94d8ca803f8dd9394cefd8cae36bb0ee patch