CVE-2026-44849 | portainer Community Edition up to 2.33.7/2.39.1/2.40.x Docker Swarm Service API authorization (GHSA-5fxq-qcf3-244w)

Inserito da Angelo Barbosa | Mag 29, 2026 | CVE

A vulnerability classified as critical has been found in portainer Community Edition up to 2.33.7/2.39.1/2.40.x. The impacted element is an unknown function of the component Docker Swarm Service API. The manipulation leads to missing authorization.

This vulnerability is documented as CVE-2026-44849. The attack can be initiated remotely. There is not any exploit available.

It is recommended to upgrade the affected component.

CVE-2026-44849 | portainer Community Edition up to 2.33.7/2.39.1/2.40.x Docker Swarm Service API authorization (GHSA-5fxq-qcf3-244w)

Post correlati

CVE-2024-20407 | Cisco Firepower Threat Defense TCP Snort 3 Detection Engine resource management (cisco-sa-snort-bypass-PTry37fX)

CVE-2025-0334 | leiyuxi cy-fast 1.0 /sys/user/listData order sql injection

CVE-2024-3209 | UPX up to 4.2.2 bele.h get_ne64 heap-based overflow

CVE-2023-48684 | Acronis Cyber Protect Cloud Agent prior 37758 authorization