CVE-2026-24834 — Kata Container to Guest micro VM privilege escalation in github.com/kata-contain · VulnScope

CVE-2026-24834

Kata Container to Guest micro VM privilege escalation in github.com/kata-containers/kata-containers/src/runtime

EPSS 0.01%

Description

Kata Container to Guest micro VM privilege escalation in github.com/kata-containers/kata-containers/src/runtime

How to fix CVE-2026-24834

To remediate CVE-2026-24834, upgrade the affected package to a fixed version below.

Go/github.com/kata-containers/kata-containers/src/runtime—upgrade to 0.0.0-20260219090056-6a672503973b or later
Go/github.com/kata-containers/kata-containers/src/runtime—upgrade to 0.0.0-20260219090056-6a672503973b or later

Is CVE-2026-24834 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

from 0, < 0.0.0-20260219090056-6a672503973b
from 0, < 0.0.0-20260219090056-6a672503973b

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 4.0	—	CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

References (5)