CVE-2026-34045
Unauthenticated DoS and Info Leak in Podman Desktop

Publication date: 2026-04-07

Last updated on: 2026-04-15

Assigner: GitHub, Inc.

Description
Podman Desktop is a graphical tool for developing on containers and Kubernetes. Prior to 1.26.2, an unauthenticated HTTP server exposed by Podman Desktop allows any network attacker to remotely trigger denial-of-service conditions and extract sensitive information. By abusing missing connection limits and timeouts, an attacker can exhaust file descriptors and kernel memory, leading to application crash or full host freeze. Additionally, verbose error responses disclose internal paths and system details (including usernames on Windows), aiding further exploitation. The issue requires no authentication or user interaction and is exploitable over the network. This vulnerability is fixed in 1.26.2.
Meta Information
Generated: 2026-05-07
AI Q&A: 2026-04-08
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (1 associated CPE)
Vendor: linuxfoundation
Product: podman_desktop
Version / Range: up to 1.26.2 (excluding)
CWE ID Description
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE-209 The product generates an error message that includes sensitive information about its environment, users, or associated data.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in Podman Desktop versions prior to 1.26.2, where an unauthenticated HTTP server is exposed. This server allows any network attacker to remotely cause denial-of-service conditions and extract sensitive information.

The attacker can exploit missing connection limits and timeouts to exhaust file descriptors and kernel memory, which can lead to the application crashing or the entire host system freezing.

Additionally, verbose error responses from the server disclose internal paths and system details, including usernames on Windows systems, which can help attackers in further exploitation.

No authentication or user interaction is required to exploit this vulnerability, and it can be exploited remotely over the network.


How can this vulnerability impact me?

This vulnerability can impact you by allowing an attacker to remotely cause denial-of-service conditions, potentially crashing the Podman Desktop application or freezing the entire host system.

It also allows attackers to extract sensitive information such as internal system paths and usernames, which could be used to facilitate further attacks.

Since the attack requires no authentication and can be performed over the network, it poses a significant risk to the availability and confidentiality of your system.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, you should upgrade Podman Desktop to version 1.26.2 or later, where the issue is fixed.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability in Podman Desktop allows unauthenticated remote attackers to extract sensitive information and cause denial-of-service conditions. Exposure of sensitive information and system details could potentially lead to non-compliance with data protection regulations such as GDPR and HIPAA, which require safeguarding sensitive data and ensuring system availability.

However, the provided information does not explicitly state the impact on compliance with these standards or regulations.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

The Podman Desktop WebView HTTP server listens on port 44000 on all network interfaces without authentication or connection limits. To detect this vulnerability on your network or system, you can check if port 44000 is open and accessible remotely.

  • Use a network scanning tool like nmap to check if port 44000 is open on your host: nmap -p 44000 <target-ip>
  • Use netstat or ss to verify if the Podman Desktop server is listening on 0.0.0.0:44000 locally: netstat -tulnp | grep 44000 or ss -tulnp | grep 44000
  • Attempt to connect to port 44000 using curl or telnet to see if the server responds without authentication: curl http://<target-ip>:44000/

If the server responds with verbose error messages exposing internal paths or usernames, or if you observe many open TCP connections to port 44000 potentially exhausting file descriptors, it indicates the presence of the vulnerable Podman Desktop WebView server.
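As an added defensive check, not part of this record or of the Podman Desktop project, the POSIX shell functions below run the two observations above over `ss -tan`-style output: whether a listener on port 44000 is bound to a wildcard address, and how many established connections that local port currently holds. The `ss` column layout and the sample socket lines are constructed here; the port number is the one the answer names.

```shell
#!/bin/sh
# Constructed sample of `ss -tan` output (not captured from a real host):
# one listener on 44000 bound to every interface, three established peers
# on it, and an unrelated loopback-only listener plus an SSH session.
SAMPLE_SS_OUTPUT='State  Recv-Q Send-Q Local Address:Port   Peer Address:Port
LISTEN 0      511    0.0.0.0:44000        0.0.0.0:*
LISTEN 0      128    127.0.0.1:631        0.0.0.0:*
ESTAB  0      0      192.168.1.10:44000   192.168.1.55:52100
ESTAB  0      0      192.168.1.10:44000   192.168.1.55:52101
ESTAB  0      0      192.168.1.10:44000   10.0.0.7:40001
ESTAB  0      0      192.168.1.10:22      192.168.1.55:52300'

# wildcard_listener PORT: read ss output on stdin; exit 0 when a LISTEN
# socket on PORT is bound to a wildcard address (0.0.0.0, * or [::]),
# i.e. reachable from the network rather than from loopback only.
wildcard_listener() {
  awk -v p="$1" '
    $1 == "LISTEN" && ($4 == "0.0.0.0:" p || $4 == "*:" p || $4 == "[::]:" p) { found = 1 }
    END { exit found ? 0 : 1 }'
}

# established_count PORT: print how many ESTAB sockets have PORT as their
# local port. Each one is a file descriptor the server holds open; a large
# and growing count is the resource-exhaustion pattern described above.
established_count() {
  awk -v p="$1" '
    $1 == "ESTAB" && $4 ~ (":" p "$") { c++ }
    END { print c + 0 }'
}

# Stand-alone run against the constructed sample. On a live host replace
# the printf with `ss -tan`, e.g. `ss -tan | established_count 44000`.
if printf '%s\n' "$SAMPLE_SS_OUTPUT" | wildcard_listener 44000; then
  echo "port 44000 is listening on all interfaces"
fi
echo "established connections on 44000: $(printf '%s\n' "$SAMPLE_SS_OUTPUT" | established_count 44000)"
```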

