CVE-2026-33590
NONE—CVSS v3
—CVSS v2
0.06%
EPSS (exploit probability)
CWE-276CWE
Description
Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent
access on the host.
Affected routers (0)
No routers currently mapped to this CVE in our database.