{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33414", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-19T17:02:34.171Z", "datePublished": "2026-04-14T22:42:19.822Z", "dateUpdated": "2026-04-16T13:57:28.317Z"}, "containers": {"cna": {"title": "PowerShell Command Injection in Podman HyperV Machine", "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "lang": "en", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U", "version": "4.0"}}], "references": [{"name": "https://github.com/containers/podman/security/advisories/GHSA-hc8w-h2mf-hp59", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/containers/podman/security/advisories/GHSA-hc8w-h2mf-hp59"}, {"name": "https://github.com/containers/podman/commit/571c842bd357ee626019ea97d030fb772fc654ed", "tags": ["x_refsource_MISC"], "url": "https://github.com/containers/podman/commit/571c842bd357ee626019ea97d030fb772fc654ed"}], "affected": [{"vendor": "containers", "product": "podman", "versions": [{"version": ">= 4.8.0, < 5.8.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-14T22:42:19.822Z"}, "descriptions": [{"lang": "en", "value": "Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $() subexpression injection. Because PowerShell evaluates subexpressions inside double-quoted strings before executing the outer command, an attacker who can control the VM image path through a crafted machine name or image directory can execute arbitrary PowerShell commands with the privileges of the Podman process. On typical Windows installations this means SYSTEM-level code execution, and only Windows is affected as the code is exclusive to the HyperV backend. This issue has been patched in version 5.8.2."}], "source": {"advisory": "GHSA-hc8w-h2mf-hp59", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-16T13:57:01.669490Z", "id": "CVE-2026-33414", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-16T13:57:28.317Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33414", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-16T13:57:01.669490Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-16T13:57:11.596Z"}}], "cna": {"title": "PowerShell Command Injection in Podman HyperV Machine", "source": {"advisory": "GHSA-hc8w-h2mf-hp59", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "containers", "product": "podman", "versions": [{"status": "affected", "version": ">= 4.8.0, < 5.8.2"}]}], "references": [{"url": "https://github.com/containers/podman/security/advisories/GHSA-hc8w-h2mf-hp59", "name": "https://github.com/containers/podman/security/advisories/GHSA-hc8w-h2mf-hp59", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/containers/podman/commit/571c842bd357ee626019ea97d030fb772fc654ed", "name": "https://github.com/containers/podman/commit/571c842bd357ee626019ea97d030fb772fc654ed", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $() subexpression injection. Because PowerShell evaluates subexpressions inside double-quoted strings before executing the outer command, an attacker who can control the VM image path through a crafted machine name or image directory can execute arbitrary PowerShell commands with the privileges of the Podman process. On typical Windows installations this means SYSTEM-level code execution, and only Windows is affected as the code is exclusive to the HyperV backend. This issue has been patched in version 5.8.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-14T22:42:19.822Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33414", "state": "PUBLISHED", "dateUpdated": "2026-04-16T13:57:28.317Z", "dateReserved": "2026-03-19T17:02:34.171Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-14T22:42:19.822Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:podman_project:podman:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC4FD8D2-840D-4C20-B12B-8019FC6A2836", "versionEndExcluding": "5.8.2", "versionStartIncluding": "4.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $() subexpression injection. Because PowerShell evaluates subexpressions inside double-quoted strings before executing the outer command, an attacker who can control the VM image path through a crafted machine name or image directory can execute arbitrary PowerShell commands with the privileges of the Podman process. On typical Windows installations this means SYSTEM-level code execution, and only Windows is affected as the code is exclusive to the HyperV backend. This issue has been patched in version 5.8.2."}], "id": "CVE-2026-33414", "lastModified": "2026-04-23T17:49:13.107", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.1, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "UNREPORTED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-14T23:16:27.987", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/containers/podman/commit/571c842bd357ee626019ea97d030fb772fc654ed"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/containers/podman/security/advisories/GHSA-hc8w-h2mf-hp59"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "podman: github.com/containers/podman: Podman: Arbitrary code execution via command injection in HyperV backend", "id": "2458522", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458522"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-94", "details": ["A flaw was found in Podman, a tool for managing containers. This vulnerability, located in the HyperV machine backend, allows for command injection. An attacker who can manipulate the virtual machine (VM) image path can inject and execute arbitrary PowerShell commands. This could lead to unauthorized system-level code execution on Windows installations where Podman is running."], "name": "CVE-2026-33414", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "podman", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "container-tools:rhel8/podman", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "podman", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "podman", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2026-04-14T22:42:19Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-33414\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-33414\nhttps://github.com/containers/podman/commit/571c842bd357ee626019ea97d030fb772fc654ed\nhttps://github.com/containers/podman/security/advisories/GHSA-hc8w-h2mf-hp59"], "statement": "This flaw in Podman's HyperV backend does not affect Red Hat products. The vulnerable code path is exclusive to Windows installations, and the HyperV backend is not utilized on Red Hat Enterprise Linux or OpenShift Container Platform.", "threat_severity": "Important"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[4.8.0,5.8.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "podman", "vendor": "containers"}], "analysis": {"en": {"generated_at": "2026-04-16T09:12:21.210639+00:00", "value": {"mitigation_remediation": ["Upgrade Podman to version 5.8.2 or later to remove the injection flaw.", "Configure Podman to run with the least privileges required; on Windows avoid running it under an elevated or Administrator account if possible.", "Restrict write access to the directories where machine names and image paths are stored, and validate or sanitize any user\u2011supplied values before creating machines."], "summary": {"action": "Patch Now", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The affected product is Podman, the container management tool provided by the containers:podman project. Versions 4.8.0 through 5.8.1 are vulnerable; all other releases are unaffected. The issue is exclusive to the HyperV backend and therefore only affects Windows installations. The vulnerability has been fixed in Podman 5.8.2.", "description_and_impact": "The vulnerability is a command injection flaw present in the HyperV machine backend of Podman. In versions 4.8.0 through 5.8.1, the VM image path is concatenated directly into a double-quoted PowerShell command without sanitization. An attacker who can influence the VM image path\u2014for example by providing a specially crafted machine name or specifying an image directory\u2014can inject a $() subexpression. PowerShell evaluates that subexpression before executing the outer command, which allows arbitrary PowerShell code to run with the same privileges as the Podman process. On Windows this means potential SYSTEM-level execution.", "risk_and_exploitability": "The CVSS score of 4 indicates a low severity, yet the ability to execute code at the Podman process level turns this into a remote code execution risk. An EPSS score of <1% (approximately 0.00028) shows a low but non\u2011zero likelihood of exploitation. The vulnerability has not been listed in CISA's KEV catalog. Attackers need to control the VM image path, which can be done if they can supply a machine name or image directory during machine creation, typically via local or remote access to the Podman service. Because the flaw uses PowerShell injection, the attack vector is Windows\u2011only, and the impact is equivalent to running arbitrary commands with SYSTEM privileges if Podman is elevated."}}}}, "created": "2026-04-15T14:31:57.022153+00:00", "updated": "2026-04-16T09:15:30.991095+00:00", "vendors": ["containers", "containers$PRODUCT$podman"]}