Security Advisories

post image

CVE-2026-33590 Insecure Default Settings in Portainer allow for host takeover

Insecure default settings allowed regular users of Portainer to execute arbitrary commands with elevated privileges on the container hosting environment, which could lead to a host takeover.

Posted on 12 June 2026

post image

CVE-2024-6655 GTK-2/GTK-3 library injection from CWD

A vulnerability in GTK-2/GTK-3 codebases allowed for remote code execution when an adversary injected a malicious library to a GTK application using a drive-by-download attack.

Posted on 13 December 2024