BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files
CVE-2026-46695

10CRITICAL

Key Information:

Vendor

Boxlite-ai

Status
Boxlite
Vendor
CVE Published:
10 June 2026

What is CVE-2026-46695?

Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite does not restrict the kernel capabilities available inside the container, malicious code can remount the directory in rw mode, thereby gaining write access to that directory. This allows malicious code to perform arbitrary write operations on directories that should be read-only. This issue has been patched in version 0.9.0.

Affected Version(s)

boxlite < 0.9.0

References

https://github.com/boxlite-ai/boxlite/security/advisories...
x_refsource_CONFIRM
https://github.com/boxlite-ai/boxlite/pull/454
x_refsource_MISC
https://github.com/boxlite-ai/boxlite/releases/tag/v0.9.0
x_refsource_MISC

CVSS V3.1

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.