Symlink Dereference Vulnerability in KubeVirt's virt-handler by Red Hat
CVE-2026-13201

7.3 HIGH

Key Information:

Vendor: Red Hat
CVE Published: 24 June 2026

What is CVE-2026-13201?

A flaw in the safepath package used by KubeVirt's virt-handler component allows an attacker with access to a virt-launcher pod to abuse the OpenAtNoFollow function. The function is meant to open a path without following symbolic links, but a symlink placed on that path is dereferenced anyway, so virt-handler operates on a file of the attacker's choosing rather than the one it intended. Through this, the attacker can hijack the IPC socket connection used to drive VM domain lifecycle events and gain unauthorized control over them, putting virtual machines into incorrect states or crashing them and causing a sustained denial of VM management on affected nodes. The same flaw can also lead virt-handler to change the ownership or permissions of an unintended host path.

CVSS v3.1

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H
Score: 7.3
Severity: HIGH
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: None
Integrity: Low
Availability: High

Credit

This issue was discovered by Huzaifa Sidhpurwala (Red Hat).