Auth bypass in Containerd

CVE-2026-53492

containerd is an open-source container runtime. In Versions prior to 2.3.2, 2.2.5 and 2.1.9, the CRI implementation improperly trusts Container Device Interface (CDI) annotations found within untrusted checkpoint image metadata during cont…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

Affected products

  • Containerd — versions >= 2.1.0, < 2.1.9, >= 2.2.0, < 2.2.5, >= 2.3.0, < 2.3.2

Weakness classification (CWE)

References