Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
Podman: Unauthenticated Container Escalation of Privilege
RHSA-2026:3336
Summary
A security update is available for Podman, a tool for running containers. This update fixes a flaw that allows attackers to gain elevated access to the system. If not patched, an attacker could potentially exploit this vulnerability to gain administrative access to your system.
What to do
- Update redhat podman to version 7:5.6.0-12.el10_1.
- Update redhat podman-debuginfo to version 7:5.6.0-12.el10_1.
- Update redhat podman-debugsource to version 7:5.6.0-12.el10_1.
- Update redhat podman-docker to version 7:5.6.0-12.el10_1.
- Update redhat podman-remote to version 7:5.6.0-12.el10_1.
- Update redhat podman-remote-debuginfo to version 7:5.6.0-12.el10_1.
- Update redhat podman-tests to version 7:5.6.0-12.el10_1.
- Update redhat podman-tests-debuginfo to version 7:5.6.0-12.el10_1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| redhat | podman | <= 7:5.6.0-12.el10_1 | 7:5.6.0-12.el10_1 |
| redhat | podman-debuginfo | <= 7:5.6.0-12.el10_1 | 7:5.6.0-12.el10_1 |
| redhat | podman-debugsource | <= 7:5.6.0-12.el10_1 | 7:5.6.0-12.el10_1 |
| redhat | podman-docker | <= 7:5.6.0-12.el10_1 | 7:5.6.0-12.el10_1 |
| redhat | podman-remote | <= 7:5.6.0-12.el10_1 | 7:5.6.0-12.el10_1 |
| redhat | podman-remote-debuginfo | <= 7:5.6.0-12.el10_1 | 7:5.6.0-12.el10_1 |
| redhat | podman-tests | <= 7:5.6.0-12.el10_1 | 7:5.6.0-12.el10_1 |
| redhat | podman-tests-debuginfo | <= 7:5.6.0-12.el10_1 | 7:5.6.0-12.el10_1 |
Original title
Red Hat Security Advisory: podman security update
osv CVSS3.1
7.5
- https://access.redhat.com/errata/RHSA-2026:3336 Vendor Advisory
- https://access.redhat.com/security/updates/classification/#important Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2418462 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2434431 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2434432 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2437111 Third Party Advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3336.j... Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2025-61726 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-61726 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-61726 Vendor Advisory
- https://go.dev/cl/736712 Third Party Advisory
- https://go.dev/issue/77101 Third Party Advisory
- https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc Third Party Advisory
- https://pkg.go.dev/vuln/GO-2026-4341 Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2025-61728 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-61728 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-61728 Vendor Advisory
- https://go.dev/cl/736713 Third Party Advisory
- https://go.dev/issue/77102 Third Party Advisory
- https://pkg.go.dev/vuln/GO-2026-4342 Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2025-61729 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-61729 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-61729 Vendor Advisory
- https://go.dev/cl/725920 Third Party Advisory
- https://go.dev/issue/76445 Third Party Advisory
- https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 Third Party Advisory
- https://pkg.go.dev/vuln/GO-2025-4155 Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2025-68121 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-68121 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-68121 Vendor Advisory
- https://go.dev/cl/737700 Third Party Advisory
- https://go.dev/issue/77217 Third Party Advisory
- https://groups.google.com/g/golang-announce/c/K09ubi9FQFk Third Party Advisory
- https://pkg.go.dev/vuln/GO-2026-4337 Vendor Advisory
Published: 26 Feb 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026