Path Traversal Vulnerability in K3s by Rancher Labs
CVE-2026-54250

5.8 MEDIUM

Key Information:

Vendor: K3s-io
Status: Vendor
CVE Published: 25 June 2026

What is CVE-2026-54250?

A path traversal vulnerability (the "zip slip" pattern) was identified in the K3s Kubernetes distribution, affecting versions prior to 1.35.3+k3s1, 1.34.6+k3s1 and 1.33.10+k3s1. The issue arises during the decompression of compressed etcd snapshots. If an administrator restores a malicious zip file whose entry names contain path components such as "../", the decompression step joins those names to the target directory without checking where the result lands, so files are written to attacker-chosen locations on the host filesystem with the privileges of the k3s server process. Because the attacker controls both the path and the content of the written files, this is an integrity impact on the node; the attack does require that an administrator be persuaded to restore a snapshot the attacker supplied. The vulnerability is fixed in the versions listed above.
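The following Go program is an added illustration of the bug class and is not K3s's own code: it builds a constructed zip archive in memory containing a benign "snapshot.db" entry and a malicious "../../escaped.db" entry, then extracts it twice. extractNaive joins each entry name to the destination directory and trusts the result, which is the pattern the advisory describes; extractSafe cleans the joined path and refuses any entry that does not stay below the destination. The function names, the archive contents and the directory layout are all assumptions made for the example.

```go
package main

import (
	"archive/zip"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// buildArchive assembles an in-memory zip from name -> content pairs.
// Constructed sample input for this example: a name such as
// "../../escaped.db" is the "specially crafted name" the advisory refers to.
func buildArchive(entries map[string][]byte) ([]byte, error) {
	var buf bytes.Buffer
	zw := zip.NewWriter(&buf)
	for name, data := range entries {
		w, err := zw.Create(name) // the writer does not validate entry names
		if err != nil {
			return nil, err
		}
		if _, err := w.Write(data); err != nil {
			return nil, err
		}
	}
	if err := zw.Close(); err != nil {
		return nil, err
	}
	return buf.Bytes(), nil
}

// writeEntry copies one archive entry to target, creating parent directories.
func writeEntry(f *zip.File, target string) error {
	rc, err := f.Open()
	if err != nil {
		return err
	}
	defer rc.Close()
	if err := os.MkdirAll(filepath.Dir(target), 0o700); err != nil {
		return err
	}
	out, err := os.OpenFile(target, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0o600)
	if err != nil {
		return err
	}
	defer out.Close()
	_, err = io.Copy(out, rc)
	return err
}

// extractNaive is the vulnerable pattern: the entry name is joined to destDir
// and trusted, so "../../escaped.db" lands two directories above destDir.
func extractNaive(archive []byte, destDir string) ([]string, error) {
	zr, err := zip.NewReader(bytes.NewReader(archive), int64(len(archive)))
	// Ignoring ErrInsecurePath (only raised under GODEBUG=zipinsecurepath=0)
	// is part of the bug: the reader stays usable and the names stay trusted.
	if err != nil && !errors.Is(err, zip.ErrInsecurePath) {
		return nil, err
	}
	var written []string
	for _, f := range zr.File {
		target := filepath.Join(destDir, f.Name)
		if err := writeEntry(f, target); err != nil {
			return written, err
		}
		written = append(written, target)
	}
	return written, nil
}

// extractSafe is the hardened form: each entry must be a regular file and its
// cleaned target path must stay below destDir, otherwise the restore is refused.
func extractSafe(archive []byte, destDir string) ([]string, error) {
	zr, err := zip.NewReader(bytes.NewReader(archive), int64(len(archive)))
	if err != nil {
		return nil, err
	}
	root := filepath.Clean(destDir) + string(os.PathSeparator)
	var written []string
	for _, f := range zr.File {
		if !f.Mode().IsRegular() {
			return written, fmt.Errorf("refusing non-regular entry %q", f.Name)
		}
		target := filepath.Join(destDir, f.Name) // Join cleans, so ".." is resolved here
		if !strings.HasPrefix(target, root) {
			return written, fmt.Errorf("entry %q escapes %s", f.Name, destDir)
		}
		if err := writeEntry(f, target); err != nil {
			return written, err
		}
		written = append(written, target)
	}
	return written, nil
}

func main() {
	base, _ := os.MkdirTemp("", "snapshot-demo")
	defer os.RemoveAll(base)
	archive, _ := buildArchive(map[string][]byte{
		"snapshot.db":      []byte("etcd snapshot bytes"),
		"../../escaped.db": []byte("attacker-controlled content"),
	})
	paths, err := extractNaive(archive, filepath.Join(base, "snapshots", "restore"))
	fmt.Println("naive wrote:", paths, "err:", err)
	paths, err = extractSafe(archive, filepath.Join(base, "safe", "restore"))
	fmt.Println("safe wrote:", paths, "err:", err)
}
```

The prefix check after filepath.Join is the portable version of the fix; Go 1.20 and later also offer filepath.IsLocal, which rejects the same names before any path is built. Note that the check is applied to the cleaned, joined path rather than to the raw entry name, because the raw name can hide ".." behind redundant separators and "." components that only cleaning removes.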

Affected Version(s)

k3s >= 1.35.0-rc1+k3s1, < 1.35.3+k3s1 (fixed in 1.35.3+k3s1)

k3s >= 1.34.0-rc1+k3s1, < 1.34.6+k3s1 (fixed in 1.34.6+k3s1)

k3s < 1.33.10+k3s1 (fixed in 1.33.10+k3s1)


CVSS V3.1

Score: 5.8
Severity: MEDIUM
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: Required
Scope: Unchanged

Vector (assembled from the metrics above): CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N. These metrics evaluate to a base score of 4.2 under the CVSS 3.1 formula (impact roughly 3.6 plus exploitability roughly 0.6), not 5.8; 5.8 is what the same exploitability metrics give with a second High impact metric, for example C:H/I:H/A:N. One of the two values shown on this page therefore disagrees with the other and should be checked against the upstream advisory. The practical reading is the same either way: a highly privileged administrator has to be induced to restore a compressed snapshot the attacker supplied, and the payoff is file writes whose path and content the attacker chooses.

Timeline

  • Vulnerability published: 25 June 2026

  • Vulnerability reserved