{"id":"CVE-2026-40226","details":"In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.","aliases":["GHSA-9mj4-rrc3-gjcx"],"modified":"2026-05-18T06:00:07.204882997Z","published":"2026-04-10T15:18:10.447Z","related":["CGA-f3qf-9gvm-gv5c"],"database_specific":{"cwe_ids":["CWE-348"],"cna_assigner":"mitre","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/40xxx/CVE-2026-40226.json"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/40xxx/CVE-2026-40226.json"},{"type":"ADVISORY","url":"https://github.com/systemd/systemd/security/advisories/GHSA-9mj4-rrc3-gjcx"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40226"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/systemd/systemd","events":[{"introduced":"d60c527009133a1ed3d69c14b8c837c790e78d10"},{"fixed":"3e52279684a53ebf84d1d73d528bf400c5fb3497"}]}],"versions":["v260-rc4","v260-rc3","v260-rc2","v260-rc1","v259","v259-rc3","v259-rc2","v259-rc1","v258","v258-rc4","v258-rc3","v258-rc2","v258-rc1","v257","v257-rc3","v257-rc2","v257-rc1","v256","v256-rc4","v256-rc3","v256-rc2","v256-rc1","v255","v255-rc4","v255-rc3","v255-rc2","v255-rc1","v254","v254-rc3","v254-rc2","v254-rc1","v253","v252","v253-rc3","v253-rc2","v253-rc1","v252-rc3","v252-rc2","v252-rc1","v251","v251-rc3","v251-rc2","v251-rc1","v250","v250-rc3","v250-rc2","v250-rc1","v249","v249-rc3","v249-rc2","v249-rc1","v248-2","v248","v248-rc4","v248-rc3","v248-rc2","v248-rc1","v247","v247-rc2","v247-rc1","v246","v246-rc2","v246-rc1","v245","v245-rc2","v245-rc1","v244","v244-rc1","v243","v243-rc2","v243-rc1","v242","v242-rc4","v242-rc3","v242-rc2","v242-rc1","v241","v241-rc2","v241-rc1","v240","v239","v238","v237","v236","v235","v234","v233"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-40226.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}]}