Description
Podman Desktop is a graphical tool for developing on containers and Kubernetes. A critical authentication bypass vulnerability in Podman Desktop prior to version 1.25.1 allows any extension to completely circumvent permission checks and gain unauthorized access to all authentication sessions. The `isAccessAllowed()` function unconditionally returns `true`, enabling malicious extensions to impersonate any user, hijack authentication sessions, and access sensitive resources without authorization. This vulnerability affects all versions of Podman Desktop. Version 1.25.1 contains a patch for the issue.
Published: 2026-01-28
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized access via authentication bypass
Action: Immediate Patch
AI Analysis

Impact

Podman Desktop includes a critical authentication bypass flaw that allows any installed extension to override native permission checks by calling isAccessAllowed() which always returns true. This enables a malicious extension to impersonate any user, hijack all authentication sessions, and access sensitive resources such as containers and Kubernetes configurations. The vulnerability is categorized as an improper authorization and missing authentication weakness. The impact is the complete loss of user isolation and the ability to compromise any resources the user was permitted to reach.

Affected Systems

The flaw affects all editions of Podman Desktop released before version 1.25.1. The Linux Foundation’s Podman Desktop product is the only vendor listed. A patch that resolves the issue is available in release 1.25.1 and later.

Risk and Exploitability

The CVSS score of 8.8 reflects a high severity, while the EPSS score of less than 1 % indicates a low probability of exploitation under current conditions. The vulnerability is not listed in the CISA KEV catalog. Because any extension can trigger the bypass, a local or user‑initiated attack is the most plausible path. Even though exploitation likelihood is low, the potential to compromise all authenticated sessions warrants immediate action.

Generated by OpenCVE AI on April 18, 2026 at 01:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Podman Desktop to version 1.25.1 or later to install the vendor‑supplied fix.
  • Remove or disable any non‑trusted or unfamiliar extensions before the update.
  • Configure the application to allow only signed extensions and enforce strict permission checks for new extensions.

Generated by OpenCVE AI on April 18, 2026 at 01:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 02 Mar 2026 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Linuxfoundation
Linuxfoundation podman Desktop
CPEs cpe:2.3:a:linuxfoundation:podman_desktop:*:*:*:*:*:*:*:*
Vendors & Products Linuxfoundation
Linuxfoundation podman Desktop
Metrics cvssV3_1

{'score': 6.6, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N'}

 cvssV3_1

{'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N'}

Fri, 30 Jan 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-305
References
Metrics threat_severity

None

 cvssV3_1

{'score': 6.6, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N'}

threat_severity

Moderate

Thu, 29 Jan 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Podman-desktop
Podman-desktop podman-desktop
Vendors & Products Podman-desktop
Podman-desktop podman-desktop

Wed, 28 Jan 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 28 Jan 2026 21:00:00 +0000

Type Values Removed Values Added
Description Podman Desktop is a graphical tool for developing on containers and Kubernetes. A critical authentication bypass vulnerability in Podman Desktop prior to version 1.25.1 allows any extension to completely circumvent permission checks and gain unauthorized access to all authentication sessions. The `isAccessAllowed()` function unconditionally returns `true`, enabling malicious extensions to impersonate any user, hijack authentication sessions, and access sensitive resources without authorization. This vulnerability affects all versions of Podman Desktop. Version 1.25.1 contains a patch for the issue.
Title Podman Desktop Extension System Vulnerable to Authentication Bypass
Weaknesses CWE-285
References
Metrics cvssV4_0

{'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Linuxfoundation Podman Desktop
Podman-desktop Podman-desktop
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-28T21:21:17.125Z

Reserved: 2026-01-27T14:51:03.058Z

Link: CVE-2026-24835

cve-icon Vulnrichment

Updated: 2026-01-28T21:21:12.764Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-28T21:16:12.947

Modified: 2026-03-02T18:27:31.420

Link: CVE-2026-24835

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-01-28T20:42:29Z

Links: CVE-2026-24835 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T01:45:33Z

Weaknesses