CVE-2026-3865 | Kubernetes up to 1.20.0 CSI Driver for SMB path traversal (Issue 138319)

Inserito da Angelo Barbosa | Apr 11, 2026 | CVE

A vulnerability was found in Kubernetes up to 1.20.0 and classified as critical. Affected by this issue is some unknown functionality of the component CSI Driver for SMB. Executing a manipulation can lead to path traversal.

This vulnerability is tracked as CVE-2026-3865. The attack is only possible within the local network. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-3865 | Kubernetes up to 1.20.0 CSI Driver for SMB path traversal (Issue 138319)

Post correlati

CVE-2023-49798 | OpenZeppelin openzeppelin-contracts 4.9.4 Subcall control flow (GHSA-699g-q6qh-q4v8)

CVE-2026-26319 | OpenClaw/Clawdbot/Moltbot up to 2026.2.13 Voice Call Plugin verifyWebhook missing authentication (GHSA-4hg8-92×6-h2f3)

CVE-2024-42442 | Zoom Workplace Desktop App/Meeting SDK/Rooms Client up to 6.1.4 on macOS privileges management

CVE-2024-41147 | Miniaudio 0.11.21 ma_dr_flac__decode_samples__lpc heap-based overflow (TALOS-2024-2063)