LeakyCreds

CVE-2026-28406 - Vulnerability Analysis

Severity: High, CVSS: 8.2

Last Updated: March 2, 2026

kaniko - Path Traversal & Remote Code Execution

Published: February 27, 2026 | Updated: March 2, 2026 | Remote Exploitable

Overview

kaniko versions >= 1.25.4 and < 1.25.10 contain a path traversal caused by improper path sanitization during build context archive extraction. It lets an attacker execute code within the executor process; exploitation requires registry authentication.

Severity & Score

Severity: High
CVSS Score: 8.2
EPSS Score: 12.0% (probability of exploitation in the next 30 days)

Impact

Attackers can execute code within the executor process, potentially compromising the build environment.

Mitigation

Update to version 1.25.10 or later.

Social Media Activity (1 post)

TheHackerWire
@thehackerwire
Feb 28, 2026

🟠 CVE-2026-28406 - High (8.2) kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28406/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

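The bug class described in the Overview and the `filepath.Join(dest, cleanedName)` pattern quoted in the post above, as an added Go example that is not kaniko's code: it assumes the missing step is a containment check on the joined path, and shows a `SafeJoin` that rejects any entry resolving outside the destination plus a pre-extraction walk over a tar stream that applies it to every header. Entry names such as `../outside.txt` and the `/build` destination are constructed for illustration.

```go
package main

import (
	"archive/tar"
	"errors"
	"fmt"
	"io"
	"path/filepath"
	"strings"
)

var ErrOutsideDest = errors.New("archive entry escapes destination directory")

// SafeJoin resolves an archive entry name under dest and rejects any result that
// lands outside it. Cleaning alone is not a fix: Clean("../x") is still "../x",
// and filepath.Join(dest, "../x") simply walks one level above dest.
func SafeJoin(dest, name string) (string, error) {
	target := filepath.Join(dest, name) // Join cleans; a leading "/" is re-rooted under dest
	rel, err := filepath.Rel(dest, target)
	if err != nil {
		return "", err
	}
	// Only a leading ".." path component escapes; "..cache/x" stays inside.
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideDest
	}
	return target, nil
}

// ValidateTar checks every header in r, whatever its type, and reports the
// first entry that would resolve outside dest. Call it before writing anything.
func ValidateTar(r io.Reader, dest string) error {
	tr := tar.NewReader(r)
	for {
		hdr, err := tr.Next()
		if err == io.EOF {
			return nil
		}
		if err != nil {
			return err
		}
		if _, err := SafeJoin(dest, hdr.Name); err != nil {
			return fmt.Errorf("entry %q: %w", hdr.Name, err)
		}
	}
}

func main() { // constructed entry name: SafeJoin returns "" and ErrOutsideDest
	fmt.Println(SafeJoin("/build", "../outside.txt"))
}
```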

Details

CVE ID: CVE-2026-28406
Severity: High
CVSS Score: 8.2
Type: path_traversal
Status: unconfirmed
EPSS: 12.0%
Social Posts: 1

CWE

  • CWE-22

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

EPSS Score

12.0% (probability of exploitation in the next 30 days)