CVE-2026-13218
A flaw was found in KubeVirt's virt-handler network cache handling. The WriteToCachedFile function writes data to a launcher-rooted path using os.WriteFile and os.Chown without symlink protection. A user with access to the virt-launcher container can plant a symlink at the cache file path, causing virt-handler to follow it and overwrite an arbitrary host file with JSON content and change its ownership.
CSIRTS triage
- What
- Symlink following in writetocachedfile allows host file overwrite from virt-launcher.
- Who is affected
- Users of Kubevirt virtualization solutions.
- Urgency
- Medium urgency due to a CVSS score of 4.2, indicating moderate risk.
- Action
- Update Kubevirt to the latest version to address this vulnerability.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch CVE-2026-13218
Get an email if CVE-2026-13218 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.
Exploitation outlook
- Low exploitation risk0.11% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 1% of all EPSS-scored CVEs.
Advisory coverage (2)
External references
Embed the live status
— this badge updates automatically when the KEV or exploit status changes. How to embed it →
[](https://www.csirts.com/cve/CVE-2026-13218)