CVE-2026-33590EPSS p32.7%

CVE-2026-33590CVE-2026-33590

Description

Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent access on the host.

Scoring

EPSS0.41% probability of exploitation · percentile 32.7% · 2026-06-18T12:00:27Z
Last modified2026-06-12
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.