Privilege escalation in Containers Bubblewrap

CVE-2026-41163

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the s…

Vulnerability class: Privilege Escalation

EPSS: 0.001 (23.7th percentile) — read the EPSS interpretation.

Affected products

Containers Bubblewrap — versions >= 0.11.0, < 0.11.2

Weakness classification (CWE)

CWE-269 — Improper Privilege Management

References

security-advisories@github.com (x_refsource_MISC)
security-advisories@github.com (x_refsource_CONFIRM)