Path Traversal in Kubernetes CSI Driver for NFS
A path traversal vulnerability in the Kubernetes CSI Driver for NFS (nfs.csi.k8s.io) could allow attackers with permission to create PersistentVolume objects to supply crafted volumeHandle values containing ../ sequences in the subDir field. During deletion or cleanup operations, the driver may traverse outside the intended managed path and delete or modify unintended directories on the backing NFS server. The issue is tracked as CVE-2026-3864 and carries a CVSS 6.5 rating, with impact focused on integrity and availability rather than confidentiality.
Affected deployments are those running CSI Driver for NFS versions prior to v4.13.1 while allowing non-administrative or otherwise untrusted users to create PersistentVolumes that reference the NFS CSI driver. Kubernetes guidance says organizations should upgrade to v4.13.1 or later, restrict PersistentVolume creation to trusted administrators, inspect volumeHandle values for traversal strings such as ../, and review controller logs for unexpected directory operations such as references to paths escaping the intended export directory.
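The volumeHandle inspection recommended above can be scripted against exported PersistentVolume objects. The following is an added example, not code from the advisory or the CSI driver project; the sample objects are constructed, and the `#`-separated handle layout and host names in them are assumptions for illustration.

```python
import json
import re

NFS_CSI_DRIVER = "nfs.csi.k8s.io"  # driver name given in the advisory

# Constructed sample shaped like `kubectl get pv -o json` output.
# The '#'-separated handle layout is an assumption for illustration.
SAMPLE_PV_LIST = json.dumps({
    "items": [
        {"metadata": {"name": "pv-ok"},
         "spec": {"csi": {"driver": NFS_CSI_DRIVER,
                          "volumeHandle": "nfs.example.internal#export#team-a/data#uid-1#"}}},
        {"metadata": {"name": "pv-escape"},
         "spec": {"csi": {"driver": NFS_CSI_DRIVER,
                          "volumeHandle": "nfs.example.internal#export#../../other#uid-2#"}}},
        {"metadata": {"name": "pv-dotted-name"},
         "spec": {"csi": {"driver": NFS_CSI_DRIVER,
                          "volumeHandle": "nfs.example.internal#export#v1..2#uid-3#"}}},
        {"metadata": {"name": "pv-other-driver"},
         "spec": {"csi": {"driver": "other.csi.example",
                          "volumeHandle": "a/../b"}}},
        {"metadata": {"name": "pv-hostpath"},
         "spec": {"hostPath": {"path": "/tmp/../x"}}},
    ]
})


def has_traversal_segment(volume_handle: str) -> bool:
    """True if any path segment of the handle is exactly '..'."""
    # Split on '/', '\' and '#' so the check does not depend on field order.
    return ".." in re.split(r"[/\\#]", volume_handle)


def find_suspicious_pvs(pv_list_json: str) -> list[tuple[str, str]]:
    """Return (pv_name, volumeHandle) for NFS CSI PVs with a '..' segment."""
    findings = []
    for pv in json.loads(pv_list_json).get("items", []):
        csi = pv.get("spec", {}).get("csi") or {}  # non-CSI PVs have no csi block
        if csi.get("driver") != NFS_CSI_DRIVER:
            continue
        handle = csi.get("volumeHandle", "")
        if has_traversal_segment(handle):
            findings.append((pv["metadata"]["name"], handle))
    return findings


if __name__ == "__main__":
    for name, handle in find_suspicious_pvs(SAMPLE_PV_LIST):
        print(f"REVIEW {name}: {handle}")
```

To audit a live cluster, pass the output of `kubectl get pv -o json` to `find_suspicious_pvs` in place of the sample. Matching on whole `..` segments avoids flagging directory names that merely contain two dots.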
Timeline
Mar 17, 2026
Kubernetes publishes advisory for CVE-2026-3864
A Kubernetes product advisory was published documenting CVE-2026-3864, a path traversal issue in the CSI Driver for NFS. The advisory formalized the disclosure and identified the risk of unintended directory deletion on NFS servers.
Mar 17, 2026
Kubernetes fixes CVE-2026-3864 in CSI Driver for NFS v4.13.1
Kubernetes maintainers Andy Zhang and Rita Zhang released a fix for CVE-2026-3864 in CSI Driver for NFS version 4.13.1. The vulnerability affects versions prior to v4.13.1 and could allow users able to create PersistentVolumes for nfs.csi.k8s.io to delete or modify unintended directories on the NFS server via ../ traversal sequences.
Mar 17, 2026
SentinelOne researcher discovers and responsibly discloses NFS CSI path traversal flaw
Shaul Ben Hai of SentinelOne identified a path traversal vulnerability in the Kubernetes CSI Driver for NFS involving insufficient validation of the subDir parameter in volume identifiers. The issue was responsibly disclosed to the Kubernetes project and handled with the Kubernetes Security Response Committee.
Related Stories

Mount Option Injection Flaw in Amazon EFS CSI Driver
AWS disclosed **CVE-2026-6437**, a mount option injection vulnerability in the Amazon EFS CSI Driver that stems from insufficient input validation before user-controlled values are passed to the operating system's mount helper. In affected versions prior to `3.0.1`, Kubernetes `PersistentVolume` attributes including `mounttargetip` and `volumeHandle` can be crafted with injected comma-separated values that the Linux mount process interprets as additional mount options. Because the driver builds the mount option string directly from those fields and executes with elevated privileges on Kubernetes nodes, an attacker could cause unauthorized mount flags to be applied to the target EFS filesystem during the CSI driver's mount operation. The flaw affects environments using vulnerable EFS CSI Driver releases, and the reported remediation is to upgrade to version `3.0.1` or later.
1 week ago
Critical ingress-nginx flaws enable NGINX config injection, RCE, and admission-controller DoS
Kubernetes maintainers disclosed multiple vulnerabilities in **ingress-nginx** affecting versions `< 1.13.7` and `< 1.14.3`, including **NGINX configuration injection** paths that can lead to **arbitrary code execution** in the ingress-nginx controller context and **Secrets disclosure**. **CVE-2026-24512** allows injection via the Ingress `rules.http.paths.path` field, and **CVE-2026-1580** allows injection via the `nginx.ingress.kubernetes.io/auth-method` annotation; both are rated **CVSS 8.8** and are especially high impact in default deployments where the controller can read Secrets cluster-wide. Recommended mitigations include upgrading to **v1.13.7**, **v1.14.3**, or later, and (as a temporary control) using validating admission policies to reject risky constructs such as `ImplementationSpecific` path types or the `auth-method` annotation. A separate ingress-nginx issue, **CVE-2026-24514** (CVSS 6.5), affects the validating admission controller feature and enables **denial of service** by sending oversized requests that drive memory consumption, potentially killing the controller pod or exhausting node memory. Detection guidance includes monitoring for unusually large requests (multi-megabyte) to the admission controller and suspicious payloads in `rules.http.paths.path` or the `nginx.ingress.kubernetes.io/auth-method` annotation. One referenced item describing **CVE-2025-67601** in the *Rancher CLI* (credential/TLS handling weakness involving `--skip-verify`) is a different product and vulnerability and is not part of the ingress-nginx disclosures.
1 month ago
Critical Root Access and Arbitrary File Write Flaws Disclosed in Network-Exposed Systems
Two high-severity vulnerabilities were disclosed affecting exposed application and device management surfaces, including a flaw that can give attackers **root access** and another that enables **arbitrary file write** through path traversal. **CVE-2026-3587** describes an unauthenticated remote attack path in a hidden CLI function that lets an attacker escape a restricted prompt and gain root access to the underlying Linux operating system, potentially leading to full device compromise. The issue was mapped to `CWE-912` and assigned a `CVSS v3.1` score vector of `AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H`, with CERT VDE publishing advisory `VDE-2026-020`. A separate vulnerability, **CVE-2026-5027**, affects Langflow's `POST /api/v2/files` endpoint, where improper sanitization of the multipart `filename` parameter allows path traversal using `../` sequences. An authenticated attacker can exploit the bug to write files to arbitrary filesystem locations, creating a route to compromise confidentiality, integrity, and availability. The flaw was classified as `CWE-22`, carries the `CVSS v3.1` vector `AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H`, and is referenced in Tenable advisory `TRA-2026-26`.
1 month ago