{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33414", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-19T17:02:34.171Z", "datePublished": "2026-04-14T22:42:19.822Z", "dateUpdated": "2026-04-14T22:42:19.822Z"}, "containers": {"cna": {"title": "PowerShell Command Injection in Podman HyperV Machine", "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "lang": "en", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U", "version": "4.0"}}], "references": [{"name": "https://github.com/containers/podman/security/advisories/GHSA-hc8w-h2mf-hp59", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/containers/podman/security/advisories/GHSA-hc8w-h2mf-hp59"}, {"name": "https://github.com/containers/podman/commit/571c842bd357ee626019ea97d030fb772fc654ed", "tags": ["x_refsource_MISC"], "url": "https://github.com/containers/podman/commit/571c842bd357ee626019ea97d030fb772fc654ed"}], "affected": [{"vendor": "containers", "product": "podman", "versions": [{"version": ">= 4.8.0, < 5.8.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-14T22:42:19.822Z"}, "descriptions": [{"lang": "en", "value": "Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $() subexpression injection. Because PowerShell evaluates subexpressions inside double-quoted strings before executing the outer command, an attacker who can control the VM image path through a crafted machine name or image directory can execute arbitrary PowerShell commands with the privileges of the Podman process. On typical Windows installations this means SYSTEM-level code execution, and only Windows is affected as the code is exclusive to the HyperV backend. This issue has been patched in version 5.8.2."}], "source": {"advisory": "GHSA-hc8w-h2mf-hp59", "discovery": "UNKNOWN"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $() subexpression injection. Because PowerShell evaluates subexpressions inside double-quoted strings before executing the outer command, an attacker who can control the VM image path through a crafted machine name or image directory can execute arbitrary PowerShell commands with the privileges of the Podman process. On typical Windows installations this means SYSTEM-level code execution, and only Windows is affected as the code is exclusive to the HyperV backend. This issue has been patched in version 5.8.2."}], "id": "CVE-2026-33414", "lastModified": "2026-04-14T23:16:27.987", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "UNREPORTED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-14T23:16:27.987", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/containers/podman/commit/571c842bd357ee626019ea97d030fb772fc654ed"}, {"source": "security-advisories@github.com", "url": "https://github.com/containers/podman/security/advisories/GHSA-hc8w-h2mf-hp59"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[4.8.0,5.8.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "podman", "vendor": "containers"}], "analysis": {"en": {"generated_at": "2026-04-15T00:25:37.601596+00:00", "value": {"mitigation_remediation": ["Upgrade Podman to version 5.8.2 or later to remove the injection flaw.", "Configure Podman to run with the least privileges required; on Windows avoid running it under an elevated or Administrator account if possible.", "Restrict write access to the directories where machine names and image paths are stored, and validate or sanitize any user\u2011supplied values before creating machines."], "summary": {"action": "Patch Now", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The affected product is Podman, the container management tool provided by the containers:podman project. Versions 4.8.0 through 5.8.1 are vulnerable; all other releases are unaffected. The issue is exclusive to the HyperV backend and therefore only affects Windows installations. The vulnerability has been fixed in Podman 5.8.2.", "description_and_impact": "The vulnerability is a command injection flaw present in the HyperV machine backend of Podman. In versions 4.8.0 through 5.8.1, the VM image path is concatenated directly into a double\u2011quoted PowerShell command without sanitization. An attacker who can influence the VM image path\u2014for example by providing a specially crafted machine name or specifying an image directory\u2014can inject a $() subexpression. PowerShell evaluates that subexpression before executing the outer command, which allows arbitrary PowerShell code to run with the same privileges as the Podman process. On Windows this means potential SYSTEM\u2011level execution.", "risk_and_exploitability": "The CVSS score of 4 indicates a low severity, yet the ability to execute code at the Podman process level turns this into a remote code execution risk. No EPSS score is published, and the vulnerability has not been listed in CISA's KEV catalog. Attackers need to control the VM image path, which can be done if they can supply a machine name or image directory during machine creation, typically via local or remote access to the Podman service. Because the flaw uses PowerShell injection, the attack vector is Windows-only, and the impact is equivalent to running arbitrary commands with SYSTEM privileges if Podman is elevated."}}}}, "created": "2026-04-15T14:31:57.022153+00:00", "updated": "2026-04-15T14:53:52.000766+00:00", "vendors": ["containers", "containers$PRODUCT$podman"]}