Directory Traversal Vulnerability in Portainer Community Edition by Portainer
CVE-2026-44885
5.5MEDIUM
What is CVE-2026-44885?
The Portainer Community Edition, a platform for managing containerized applications, is susceptible to a directory traversal vulnerability which affects versions from 2.33.0 to before 2.33.8. The backup restore feature permits the extraction of .tar.gz archives without proper safeguards, allowing maliciously crafted archives to write to arbitrary locations on the server's filesystem. This flaw can potentially lead to sensitive data being exposed or manipulated if exploited.
Affected Version(s)
portainer >= 2.33.0, < 2.33.8
