Medium severity6.4NVD Advisory· Published Apr 10, 2026· Updated Apr 17, 2026
CVE-2026-40226
CVE-2026-40226
Description
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- github.com/systemd/systemd/security/advisories/GHSA-9mj4-rrc3-gjcxnvdVendor Advisory
News mentions
2- Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilitiesCisco Talos Intelligence · May 14, 2026
- Siemens SIMATICCISA Alerts