CVE-2026-44881
Status: Analyzed (Analysis Complete)
Symlink Arbitrary File Read in Portainer Community Edition

Publication date: 2026-05-28

Last updated on: 2026-06-01

Assigner: GitHub, Inc.

Description
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. Releases from 2.33.0 up to, but not including, the fixed versions 2.33.8, 2.39.2 and 2.41.0 are affected.

Portainer supports deploying stacks from Git repositories. When a Git-backed stack is created or updated, Portainer clones the repository using go-git v5, which translates Git blob entries with mode 0o120000 (symlink) into real OS symlinks on the host filesystem via os.Symlink. The only entry blocked from becoming a symlink is .gitmodules; every other path is created as a symlink without validation. Portainer's GET /api/stacks/{id}/file endpoint then reads the stack entry point with os.ReadFile, which follows OS symlinks transparently. A repository containing docker-compose.yml as a symlink to an arbitrary filesystem path therefore causes the symlink target's contents to be returned verbatim in the HTTP response.

Any authenticated user with rights to create or update a Git-backed stack (the default configuration in Portainer CE) can read arbitrary files accessible to the Portainer process. This vulnerability is fixed in 2.33.8, 2.39.2, and 2.41.0.
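The two read paths the description contrasts, as an added example written for this page rather than code taken from Portainer or go-git: readStackFileVulnerable reproduces the os.ReadFile behaviour against a constructed clone whose docker-compose.yml is a symlink to a file outside the stack, and readStackFileHardened shows one way to refuse it. The function names, the containment policy (a symlink is tolerated only while it resolves inside the stack directory), the O_NOFOLLOW open (Linux/BSD semantics assumed) and the layout built under a temp directory are this example's own choices and are not Portainer's actual fix.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
	"syscall"
)

// ErrSymlinkEscape is returned by readStackFileHardened when the requested
// entry point resolves to a location outside the stack directory.
var ErrSymlinkEscape = errors.New("stack entry point resolves outside the stack directory")

// readStackFileVulnerable models the read path the advisory describes:
// os.ReadFile follows whatever symlink the clone left at the entry point, so a
// docker-compose.yml linked to another file returns that file's contents.
func readStackFileVulnerable(stackRoot, entry string) ([]byte, error) {
	return os.ReadFile(filepath.Join(stackRoot, entry))
}

// readStackFileHardened (hypothetical name; one possible fix, not Portainer's)
// reads the entry point only if its path, every symlinked component included,
// resolves to a location inside stackRoot. The final open uses O_NOFOLLOW so a
// link swapped in after the check cannot redirect the last path component.
func readStackFileHardened(stackRoot, entry string) ([]byte, error) {
	root, err := filepath.EvalSymlinks(stackRoot)
	if err != nil {
		return nil, err
	}
	root, err = filepath.Abs(root)
	if err != nil {
		return nil, err
	}
	// Anchoring the caller-supplied name at "/" before cleaning discards any
	// leading "../", so the entry is always interpreted relative to root.
	full := filepath.Join(root, filepath.Clean("/"+entry))
	resolved, err := filepath.EvalSymlinks(full)
	if err != nil {
		return nil, err
	}
	rel, err := filepath.Rel(root, resolved)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return nil, fmt.Errorf("%w: %s -> %s", ErrSymlinkEscape, entry, resolved)
	}
	f, err := os.OpenFile(resolved, os.O_RDONLY|syscall.O_NOFOLLOW, 0)
	if err != nil {
		return nil, err
	}
	defer f.Close()
	return io.ReadAll(f)
}

// buildFixture creates a constructed layout in a temp directory (not a real
// Portainer data directory): a secret outside the stack and a cloned "repo"
// whose docker-compose.yml is a symlink escaping to that secret.
func buildFixture() (stackRoot, secret string, cleanup func(), err error) {
	base, err := os.MkdirTemp("", "cve-2026-44881-")
	if err != nil {
		return "", "", nil, err
	}
	cleanup = func() { os.RemoveAll(base) }
	secret = "db_password=hunter2\n" // constructed sample content
	stackRoot = filepath.Join(base, "stack")
	steps := []error{
		os.WriteFile(filepath.Join(base, "secret.txt"), []byte(secret), 0o600),
		os.Mkdir(stackRoot, 0o700),
		os.Symlink("../secret.txt", filepath.Join(stackRoot, "docker-compose.yml")),
		os.WriteFile(filepath.Join(stackRoot, "legit-compose.yml"), []byte("services: {}\n"), 0o600),
	}
	for _, e := range steps {
		if e != nil {
			cleanup()
			return "", "", nil, e
		}
	}
	return stackRoot, secret, cleanup, nil
}

func main() {
	stack, _, cleanup, err := buildFixture()
	if err != nil {
		panic(err)
	}
	defer cleanup()
	got, err := readStackFileVulnerable(stack, "docker-compose.yml")
	fmt.Printf("vulnerable read: %q err=%v\n", got, err)
	got, err = readStackFileHardened(stack, "docker-compose.yml")
	fmt.Printf("hardened read:   %q err=%v\n", got, err)
}
```

Two points worth keeping in mind when adapting this: filepath.EvalSymlinks resolves directory symlinks too, which matters because the attacker controls the whole cloned tree and the entry point may live in a subdirectory; and O_NOFOLLOW protects only the final component, so it complements the resolve-and-compare check rather than replacing it. Rejecting every symlink outright is the simpler policy if legitimate repositories never need them.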
Meta Information

Published: 2026-05-28
Last Modified: 2026-06-01
Generated: 2026-06-19
AI Q&A: 2026-05-29
EPSS Evaluated: 2026-06-18
Source: NVD
Affected Vendors & Products (3 associated CPEs)

Vendor     Product    Version / Range
portainer  portainer  from 2.33.0 (inclusive) to 2.33.8 (exclusive)
portainer  portainer  from 2.34.0 (inclusive) to 2.39.2 (exclusive)
portainer  portainer  2.40.0
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CWE-59 The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Compliance Impact

This vulnerability allows any authenticated user with rights to create or update a Git-backed stack in Portainer Community Edition to read arbitrary files accessible to the Portainer process. Such unauthorized file access may expose sensitive or personal data.

Such unauthorized data exposure may impact compliance with data protection standards and regulations like GDPR and HIPAA, which require strict controls on access to sensitive information and protection against unauthorized disclosure.

However, the specific impact on compliance depends on the nature of the data exposed and the environment in which Portainer is deployed.

Executive Summary

This vulnerability affects Portainer Community Edition from 2.33.0 up to, but not including, the fixed releases 2.33.8 (2.33 line), 2.39.2 (2.34 through 2.39 lines) and 2.41.0 (2.40 line). Portainer allows deploying stacks from Git repositories and clones them with go-git v5. During the clone, Git blob entries with symlink mode are converted into real OS symlinks on the filesystem without validation; the only entry exempted is .gitmodules.

Because of this, an attacker who can create or update a Git-backed stack (which the default Portainer CE configuration permits for any authenticated user) can point the stack at a repository they control in which the entry point, typically docker-compose.yml, is a symlink to an arbitrary path. When Portainer serves the stack entry point through GET /api/stacks/{id}/file, os.ReadFile follows the symlink and the target file's contents are returned in the HTTP response.

This means an attacker can read arbitrary files accessible to the Portainer process on the host system, potentially exposing sensitive information.

Impact Analysis

This vulnerability allows any authenticated user with permissions to create or update Git-backed stacks to read arbitrary files accessible to the Portainer process. What that covers depends on the deployment: for the usual container deployment it is the Portainer container's filesystem together with whatever volumes are mounted into it, such as its data directory; for a Portainer binary running directly on a host it is everything that host process can read.

The impact includes unauthorized disclosure of sensitive information stored in files accessible to the Portainer process, which could include configuration files, credentials, Portainer's own data directory, or other confidential data.

Such unauthorized file access can lead to further attacks, compromise of the container environment, or leakage of sensitive business or personal data.

Mitigation Strategies

To mitigate this vulnerability, upgrade Portainer Community Edition to one of the fixed versions: 2.33.8, 2.39.2, or 2.41.0.

Additionally, restrict or review user permissions to ensure that only trusted users have rights to create or update Git-backed stacks, as any authenticated user with such rights can exploit this vulnerability.

Detection Guidance

This vulnerability can be detected by auditing existing Git-backed stack directories managed by Portainer for unexpected symbolic links, especially those pointing to sensitive files. Since the issue involves symlinks created from Git repositories, checking for symlinks in stack directories is a key detection method.

You can use commands to find symbolic links within the Portainer stack directories and inspect if any point to sensitive or unexpected locations.

  • Use the find command to locate symlinks in the stack directory (the path below is a placeholder for wherever your Portainer instance keeps its cloned Git stacks): find /path/to/portainer/stacks -type l -ls
  • Show where a suspicious symlink points: ls -l /path/to/symlink prints the raw link text, and readlink -f /path/to/symlink prints the fully resolved absolute target, which is what os.ReadFile would actually open.
  • Check whether a stack's entry point is itself a symlink: file /path/to/stack/docker-compose.yml reports "symbolic link to ..." for a link (with its default options file does not follow links), and test -L /path/to/stack/docker-compose.yml gives the same answer in a script.

Additionally, log and review requests to the GET /api/stacks/{id}/file endpoint. Legitimate calls return the stack's manifest (Compose YAML or Kubernetes manifests) to a user who manages that stack, so a response body that does not parse as a manifest, or a request that follows shortly after the same user created or updated a Git-backed stack pointing at an unfamiliar repository, is a useful signal. Because the endpoint is ordinary UI traffic, correlate it with stack create/update events and the repository URLs involved rather than alerting on request volume alone.

Restricting permissions to create or update Git-backed stacks and avoiding untrusted repositories are recommended preventive measures.
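The audit the bullets above describe, carried out programmatically as an added example for this page (not a Portainer tool or script): it walks a stacks directory without following links, records each symlink's raw target and resolved location, and flags links that resolve outside the tree or dangle. The Finding type, the function names and the stacks layout built in a temp directory are constructed for this example; point auditSymlinks at the real directory where your Portainer instance keeps its cloned Git stacks, which depends on how its data volume is mounted.

```go
package main

import (
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"strings"
)

// Finding describes one symlink found under the audited stacks directory.
type Finding struct {
	Path     string // the symlink itself
	Target   string // raw link text as the clone wrote it
	Resolved string // fully resolved absolute path, empty if dangling
	Escapes  bool   // resolves to a location outside the stacks directory
	Dangling bool   // target does not exist
}

// auditSymlinks walks stacksRoot without following links and classifies every
// symlink it meets. Links that resolve outside stacksRoot are the ones that
// could have served an arbitrary-file read through GET /api/stacks/{id}/file.
func auditSymlinks(stacksRoot string) ([]Finding, error) {
	root, err := filepath.EvalSymlinks(stacksRoot)
	if err != nil {
		return nil, err
	}
	root, err = filepath.Abs(root)
	if err != nil {
		return nil, err
	}
	var findings []Finding
	visit := func(path string, d fs.DirEntry, walkErr error) error {
		if walkErr != nil {
			return walkErr
		}
		if d.Type()&fs.ModeSymlink == 0 {
			return nil
		}
		target, err := os.Readlink(path)
		if err != nil {
			return err
		}
		f := Finding{Path: path, Target: target}
		resolved, err := filepath.EvalSymlinks(path)
		if err != nil {
			f.Dangling = true // points at nothing right now; still worth a look
		} else {
			f.Resolved = resolved
			rel, relErr := filepath.Rel(root, resolved)
			f.Escapes = relErr != nil || rel == ".." ||
				strings.HasPrefix(rel, ".."+string(filepath.Separator))
		}
		findings = append(findings, f)
		return nil
	}
	if err := filepath.WalkDir(root, visit); err != nil {
		return nil, err
	}
	return findings, nil
}

// buildAuditFixture creates a constructed stacks tree in a temp directory (not
// a real Portainer data directory) with three symlinks: one escaping to a file
// outside the tree, one pointing at a sibling inside it, and one dangling.
func buildAuditFixture() (stacksRoot string, cleanup func(), err error) {
	base, err := os.MkdirTemp("", "portainer-stacks-audit-")
	if err != nil {
		return "", nil, err
	}
	cleanup = func() { os.RemoveAll(base) }
	stacksRoot = filepath.Join(base, "stacks")
	steps := []error{
		os.WriteFile(filepath.Join(base, "secret.txt"), []byte("constructed secret\n"), 0o600),
		os.MkdirAll(filepath.Join(stacksRoot, "1"), 0o700),
		os.MkdirAll(filepath.Join(stacksRoot, "2"), 0o700),
		os.Symlink("../../secret.txt", filepath.Join(stacksRoot, "1", "docker-compose.yml")),
		os.WriteFile(filepath.Join(stacksRoot, "2", "real.yml"), []byte("services: {}\n"), 0o600),
		os.Symlink("real.yml", filepath.Join(stacksRoot, "2", "docker-compose.yml")),
		os.Symlink("missing.yml", filepath.Join(stacksRoot, "2", "stale.yml")),
	}
	for _, e := range steps {
		if e != nil {
			cleanup()
			return "", nil, e
		}
	}
	return stacksRoot, cleanup, nil
}

func main() {
	root, cleanup, err := buildAuditFixture()
	if err != nil {
		panic(err)
	}
	defer cleanup()
	findings, err := auditSymlinks(root)
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("%s -> %s resolved=%q escapes=%t dangling=%t\n",
			f.Path, f.Target, f.Resolved, f.Escapes, f.Dangling)
	}
}
```

An escaping link is the finding that matters; a link that stays inside the tree is usually a legitimate repository artefact, and a dangling link is worth noting because the clone may be updated later to make its target appear. Run the audit with the same privileges as the Portainer process so that what it can and cannot resolve matches what os.ReadFile would have seen.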
