Description
Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent

access on the host.
Published: 2026-05-28
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from insecure default permissions in Portainer Community Edition. A non‑administrator user who can authenticate to an endpoint inherits privileges that enable reading of host files and executing code at host level. Because the flaw is tied to the way the application sets file and directory permissions, an attacker who gains such user access can bypass normal isolation boundaries. This flaw falls under CWE‑276, representing insecure permission assignments that can lead to privilege escalation.

Affected Systems

Portainer Community Edition is affected. Specific version details are not disclosed in the advisory, so any installation that includes the default configuration before the security fixes referenced in the commit logs could be vulnerable.

Risk and Exploitability

The CVSS score of 8.5 indicates a high severity vulnerability. The EPSS score is not available, and the issue has not been listed in CISA’s KEV catalog. An attacker needs to be authenticated as a non‑admin user with endpoint access; from that position, the flaw can be leveraged to read host files or run code with elevated privileges. The attack vector appears to be local or authenticated, and the vulnerability can be exploited without requiring network exposure beyond the scope of the Portainer instance.

Generated by OpenCVE AI on May 28, 2026 at 20:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Portainer CE to the latest release that removes the insecure default permissions.
  • Reconfigure user roles to restrict endpoint access for non‑admin users or remove those users from the system.
  • Review and tighten file system permissions for the Portainer data directories to ensure they are not world readable or writable.

Generated by OpenCVE AI on May 28, 2026 at 20:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 12 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
References

Fri, 29 May 2026 16:00:00 +0000

Type Values Removed Values Added
First Time appeared Portainer
Portainer portainer Community Edition
Vendors & Products Portainer
Portainer portainer Community Edition

Fri, 29 May 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 28 May 2026 19:45:00 +0000

Type Values Removed Values Added
Description Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent access on the host.
Title Insecure default permissions in Portainer CE
Weaknesses CWE-276
References
Metrics cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P'}

Subscriptions

Portainer Portainer Community Edition
cve-icon MITRE

Status: PUBLISHED

Assigner: ENISA

Published:

Updated: 2026-06-12T15:02:52.515Z

Reserved: 2026-03-23T12:53:47.474Z

Link: CVE-2026-33590

cve-icon Vulnrichment

Updated: 2026-06-12T15:02:52.515Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-28T20:16:23.163

Modified: 2026-06-12T16:16:27.263

Link: CVE-2026-33590

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T15:47:51Z

Weaknesses
  • CWE-276

    Incorrect Default Permissions