Katacontainers Kata Containers vulnerabilities

CVE-2026-24834 [HIGH] CWE-732 CVE-2026-24834: Kata Containers is an open source project focusing on a standard implementation of lightweight Virtu Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. In versions prior to 3.27.0, an issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM ultimately achieving arbitrary code execution as root

CVE-2026-24054 [HIGH] CWE-754 CVE-2026-24054: Kata Containers is an open source project focusing on a standard implementation of lightweight Virtu Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter directory for the container rootfs. When the Kata runtime

CVE-2020-27151 [HIGH] CVE-2020-27151: An issue was discovered in Kata Containers through 1.11.3 and 2.x through 2.0-rc1. The runtime will An issue was discovered in Kata Containers through 1.11.3 and 2.x through 2.0-rc1. The runtime will execute binaries given using annotations without any kind of validation. Someone who is granted access rights to a cluster will be able to have kata-runtime execute arbitrary binaries as root on the worker nodes.