CRITICAL🇵🇱 Wersja polska

CVE-2026-46695

CVSS 10.0v3.1pub. 2026-06-10upd. 2026-06-11

Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite does not restrict the kernel capabilities available inside the container, malicious code can remount the directory in rw mode, thereby gaining write access to that directory. This allows malicious code to perform arbitrary write operations on directories that should be read-only. This issue has been patched in version 0.9.0.

🤖 AI Analysis
How it works

Boxlite before version 0.9.0 does not restrict kernel capabilities available inside the container. Malicious code running in the container can exploit these privileges to remount a directory with read-write (rw) flag, thereby bypassing the security measures enforcing read-only mode. As a result, the code gains the ability to write arbitrarily to directories that should be protected.

Impact

An attacker can perform arbitrary write operations on directories marked as read-only, which leads to breaking sandbox isolation and compromising the integrity of the host file system or shared resources.

Mitigation & patch

Boxlite should be updated to version 0.9.0, in which the issue was fixed. The patch is available in the project repository on GitHub (tag v0.9.0).

Who is affected

Boxlite in versions prior to 0.9.0

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Container
CWE
References