CRITICAL · CVE-2026-44849 · CNA: GitHub_M

CVE-2026-44849: Portainer: Endpoint security bypass via Swarm service create/update

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. In versions from 2.33.0 up to (but not including) 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that administrators configure to limit the container configurations non-admin users can launch: privileged mode, host PID namespace, device mapping, capabilities, sysctls, security-opt (Seccomp / AppArmor), and bind mounts. These restrictions are enforced on the standard container creation path, but several of them are not applied on the Docker Swarm service create/update API. This vulnerability is fixed in 2.33.8, 2.39.2, and 2.41.0.
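The following is an added example (not Portainer's or HarborGuard's code) showing how a defender can audit existing Swarm services, in the JSON shape returned by `docker service inspect`, for the seven restrictions the description lists, to find services created through the unchecked path. The bind-mount, capability, sysctl and Seccomp/AppArmor checks use documented Docker Engine API fields of `ContainerSpec`; the `Privileged`, `PidMode` and `Devices` key names are assumed (borrowed from the container `HostConfig` spelling) and the sample services and policy are constructed.

```python
"""Audit Swarm service specs (shape of `docker service inspect`) for the container settings a
Portainer endpoint policy denies to non-admin users. Added example, not Portainer code."""
import json

# Constructed policy: the seven EndpointSecuritySettings restrictions, all denied (False).
DENY_ALL = {k: False for k in ("privileged", "host_pid", "devices", "capabilities",
                               "sysctls", "security_opt", "bind_mounts")}

# Constructed sample in the shape of `docker service inspect` output.
SAMPLE_SERVICES = json.loads("""[
 {"ID": "a1", "Spec": {"Name": "web", "TaskTemplate": {"ContainerSpec": {"Image": "nginx:1.27",
   "Mounts": [{"Type": "volume", "Source": "data", "Target": "/data"}]}}}},
 {"ID": "b2", "Spec": {"Name": "suspect", "TaskTemplate": {"ContainerSpec": {"Image": "alpine",
   "CapabilityAdd": ["CAP_SYS_ADMIN"], "Sysctls": {"net.ipv4.ip_forward": "1"},
   "Mounts": [{"Type": "bind", "Source": "/", "Target": "/host"}],
   "Privileges": {"Seccomp": {"Mode": "unconfined"}, "AppArmor": {"Mode": "disabled"}}}}}}
]""")

def _find_key(obj, key):
    """Depth-first lookup of a key anywhere in a nested spec; returns its value or None."""
    children = obj.values() if isinstance(obj, dict) else obj if isinstance(obj, list) else []
    if isinstance(obj, dict) and key in obj:
        return obj[key]
    return next((v for v in (_find_key(c, key) for c in children) if v is not None), None)

def service_violations(service, policy=DENY_ALL):
    """Return the denied restrictions that this service's ContainerSpec uses, sorted."""
    spec = service.get("Spec", {}).get("TaskTemplate", {}).get("ContainerSpec", {})
    priv = spec.get("Privileges") or {}
    checks = {
        # Fields documented in the Docker Engine API for ContainerSpec.
        "bind_mounts": any(m.get("Type") == "bind" for m in spec.get("Mounts") or []),
        "capabilities": bool(spec.get("CapabilityAdd")),
        "sysctls": bool(spec.get("Sysctls")),
        "security_opt": (priv.get("Seccomp") or {}).get("Mode") == "unconfined"
                        or (priv.get("AppArmor") or {}).get("Mode") == "disabled",
        # Assumed key names (same spelling as container HostConfig), searched anywhere in the spec.
        "privileged": _find_key(spec, "Privileged") is True,
        "host_pid": _find_key(spec, "PidMode") == "host",
        "devices": bool(_find_key(spec, "Devices")),
    }
    return sorted(name for name, hit in checks.items() if hit and not policy[name])

def audit(services, policy=DENY_ALL):
    """Map service name -> violated restrictions, for services violating at least one."""
    report = {}
    for svc in services:
        hits = service_violations(svc, policy)
        if hits:
            report[svc["Spec"]["Name"]] = hits
    return report
```

To run it against a real environment, save `docker service inspect $(docker service ls -q)` to a file and pass the parsed JSON array to `audit()`; any service listed in the report was created with a configuration the endpoint policy was meant to deny.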

HarborGuard Analysis

Synopsis

An endpoint security bypass in Portainer Community Edition allows a low-privilege user to circumvent administrator-configured endpoint security restrictions by targeting the Docker Swarm service API instead of the standard container creation path. The flaw is reachable over the network and requires only a low-privilege account, with no victim interaction needed. Successful exploitation lets an attacker launch containers with privileged mode, host PID namespace, unrestricted capabilities, arbitrary bind mounts, and other dangerous configurations that administrators explicitly blocked. HarborGuard is tracking this advisory and will make a patched-image rebuild available the moment an upstream fix is published.

HarborGuard Coverage

Detection

Detection is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against customer images in connected registries and CI/CD pipelines, including custom-built Portainer images. Any image found running an affected Portainer version (2.33.0 to before 2.33.8, 2.39.0 to before 2.39.2, or 2.40.0 to before 2.41.0) is flagged automatically.

Status: Available
Triage

HarborGuard scores this CVE at CVSS v4.0 9.4 (Critical) and surfaces it with that severity weighting in every matched environment. Per-environment compliance policy rules can escalate routing to the appropriate security or platform team inbox within each customer organization.

Status: Available
Patch

No upstream fix versions have been published as of this record. HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment upstream ships a fix. For customers with auto-remediation enabled, a rebuild, regression-test run, and pull request against affected workloads will be initiated without manual intervention once the fix is available.

Status: Pending upstream

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the Portainer service over the network; the CVSS vector specifies AV:N, meaning no local or physical access is required.

  • Authentication: Required

    The attacker must hold a low-privilege Portainer account; admin credentials are not needed, but unauthenticated access alone is not sufficient (PR:L).

  • Victim interaction: Not required

    No action from another user or administrator is needed to exploit this vulnerability (UI:N).

  • Attack complexity: Low

    Attack complexity is Low (AC:L), meaning the exploit is reliable and requires no special timing, race conditions, or environmental prerequisites beyond network access and a valid low-privilege account.

Blast Radius

  • Attacker launches containers in privileged mode or with the host PID namespace, gaining visibility into and control over host-level processes.
  • Attacker mounts arbitrary host filesystem paths into containers, reading or overwriting sensitive files including credentials, keys, and configuration data.
  • Attacker loads unrestricted Linux capabilities or bypasses Seccomp and AppArmor profiles, removing kernel-level isolation from the running container.
  • Because the subsequent-system confidentiality, integrity, and availability impacts are all rated High (SC:H, SI:H, SA:H), a compromise can extend beyond the initial container to other workloads and the underlying host.

How HarborGuard Handles This

Available on HarborGuard: detection for this Critical-severity endpoint security bypass is active across all connected environments, matching affected Portainer versions in registries and pipelines as images are pushed or scheduled scans run. Because no upstream fix has been published yet, the recommended immediate compensating controls are to restrict network access to the Portainer API to trusted administrative networks using network policy isolation, remove low-privilege accounts from any environment where Swarm services can be created or updated, and consider disabling Swarm service create/update endpoints via an ingress or reverse-proxy rule until a patch is available. HarborGuard monitors the advisory on every ingest cycle; when upstream publishes a fix in a 2.33.x, 2.39.x, or 2.41.x release, a patched-image rebuild becomes available immediately, and customers with auto-remediation enabled will receive a rebuilt image, a regression-test run, and a PR opened against affected workloads without requiring manual steps.


Metrics

CVSS v4.0: 9.4
Severity: CRITICAL
Fixed in: (not listed)
Affected products: 1
Affected packages:
  • portainer / portainer
    >= 2.33.0, < 2.33.8 · >= 2.39.0, < 2.39.2 · >= 2.40.0, < 2.41.0
CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H