CVE-2026-33590
Severity CVSS v4.0:
HIGH
Type:
Unavailable / Other
Publication date:
28/05/2026
Last modified:
12/06/2026
Description
Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent <br />
<br />
access on the host.



