Denial of Service Vulnerability in containerd by Docker Inc.
CVE-2026-47262
5.3MEDIUM
What is CVE-2026-47262?
An issue in containerd, an open-source container runtime, allows a maliciously crafted image to trigger a Denial of Service condition. This vulnerability, present in versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5, and 2.3.2, causes memory exhaustion during the creation of containers from affected images. Consequently, this leads to an Out Of Memory (OOM) kill of the containerd process, making the container runtime API unavailable. This disruption can significantly impact clients relying on containerd, including the Docker Engine and Kubernetes control-plane components.
Affected Version(s)
containerd >= 1.7.0, < 1.7.33 < 1.7.0, 1.7.33
containerd >= 2.0.0, < 2.0.10 < 2.0.0, 2.0.10
containerd >= 2.1.0, < 2.1.9 < 2.1.0, 2.1.9
