cbcvebase.
CVE-2025-54867
published 2025-08-14

CVE-2025-54867: Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to…

PriorityP433high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
EPSS
0.16%
5.6th percentile
Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5.

Affected

2 ranges
VendorProductVersion rangeFixed in
youki-devyouki< 0.5.50.5.5
youki-devyouki>= 0 < 0.5.50.5.5
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.