{"api_version":"1","generated_at":"2026-06-26T18:55:35+00:00","cve":"CVE-2026-55686","urls":{"html":"https://cve.report/CVE-2026-55686","api":"https://cve.report/api/cve/CVE-2026-55686.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-55686","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-55686"},"summary":{"title":"Podman: WORKDIR symlink traversal vulnerability","description":"Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership on the host filesystem. Modified ownership is less likely to happen as that requires help from an untrusted/malicious process that mutates the host filesystem tree during dereferencing of the WORKDIR path, to trigger a race condition. This vulnerability is fixed in 5.7.1.","state":"PUBLISHED","assigner":"GitHub_M","published_at":"2026-06-26 17:16:34","updated_at":"2026-06-26 18:13:25"},"problem_types":["CWE-61","CWE-61 CWE-61: UNIX Symbolic Link (Symlink) Following"],"metrics":[{"version":"3.1","source":"security-advisories@github.com","type":"Secondary","score":"5.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"5.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","version":"3.1"}}],"references":[{"url":"https://github.com/podman-container-tools/podman/security/advisories/GHSA-q6r4-3wmg-fwcq","name":"https://github.com/podman-container-tools/podman/security/advisories/GHSA-q6r4-3wmg-fwcq","refsource":"security-advisories@github.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/podman-container-tools/podman/commit/d18e44e9abb3bf5b7294aa70806e1368fdddfdd0","name":"https://github.com/podman-container-tools/podman/commit/d18e44e9abb3bf5b7294aa70806e1368fdddfdd0","refsource":"security-advisories@github.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-55686","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-55686","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"podman-container-tools","product":"podman","version":"affected >= 3.0.0, < 5.7.1","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"product":"podman","vendor":"podman-container-tools","versions":[{"status":"affected","version":">= 3.0.0, < 5.7.1"}]}],"descriptions":[{"lang":"en","value":"Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership on the host filesystem. Modified ownership is less likely to happen as that requires help from an untrusted/malicious process that mutates the host filesystem tree during dereferencing of the WORKDIR path, to trigger a race condition. This vulnerability is fixed in 5.7.1."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-61","description":"CWE-61: UNIX Symbolic Link (Symlink) Following","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-26T16:30:41.345Z","orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M"},"references":[{"name":"https://github.com/podman-container-tools/podman/security/advisories/GHSA-q6r4-3wmg-fwcq","tags":["x_refsource_CONFIRM"],"url":"https://github.com/podman-container-tools/podman/security/advisories/GHSA-q6r4-3wmg-fwcq"},{"name":"https://github.com/podman-container-tools/podman/commit/d18e44e9abb3bf5b7294aa70806e1368fdddfdd0","tags":["x_refsource_MISC"],"url":"https://github.com/podman-container-tools/podman/commit/d18e44e9abb3bf5b7294aa70806e1368fdddfdd0"}],"source":{"advisory":"GHSA-q6r4-3wmg-fwcq","discovery":"UNKNOWN"},"title":"Podman: WORKDIR symlink traversal vulnerability"}},"cveMetadata":{"assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","assignerShortName":"GitHub_M","cveId":"CVE-2026-55686","datePublished":"2026-06-26T16:30:41.345Z","dateReserved":"2026-06-17T00:13:10.650Z","dateUpdated":"2026-06-26T16:30:41.345Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-26 17:16:34","lastModifiedDate":"2026-06-26 18:13:25","problem_types":["CWE-61","CWE-61 CWE-61: UNIX Symbolic Link (Symlink) Following"],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"55686","Ordinal":"1","Title":"Podman: WORKDIR symlink traversal vulnerability","CVE":"CVE-2026-55686","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"55686","Ordinal":"1","NoteData":"Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership on the host filesystem. Modified ownership is less likely to happen as that requires help from an untrusted/malicious process that mutates the host filesystem tree during dereferencing of the WORKDIR path, to trigger a race condition. This vulnerability is fixed in 5.7.1.","Type":"Description","Title":"Podman: WORKDIR symlink traversal vulnerability"}]}}}