CVE-2026-33414 Overview
CVE-2026-33414 is a command injection vulnerability in Podman, an open-source tool for managing Open Container Initiative (OCI) containers and pods. The flaw resides in the HyperV machine backend code at pkg/machine/hyperv/stubber.go, where the virtual machine image path is inserted into a PowerShell double-quoted string without sanitization. Versions 4.8.0 through 5.8.1 are affected, and only Windows installations are vulnerable because the affected code is exclusive to the HyperV backend. An attacker who controls the VM image path through a crafted machine name or image directory can execute arbitrary PowerShell commands with the privileges of the Podman process. The issue is patched in version 5.8.2.
Critical Impact
Successful exploitation results in arbitrary PowerShell execution at the Podman process privilege level, which on typical Windows installations is SYSTEM.
Affected Products
- Podman versions 4.8.0 through 5.8.1 (HyperV machine backend)
- Microsoft Windows installations running Podman with HyperV backend
- Podman 5.8.2 contains the fix
Discovery Timeline
- 2026-04-14 - CVE-2026-33414 published to NVD
- 2026-04-23 - Last updated in NVD database
Technical Details for CVE-2026-33414
Vulnerability Analysis
The vulnerability is a classic OS command injection flaw classified under CWE-78. Podman's HyperV backend constructs PowerShell command strings to manage virtual machines on Windows hosts. The VM image path is concatenated directly into a PowerShell double-quoted string. PowerShell evaluates $() subexpressions inside double-quoted strings before executing the outer command, which allows attacker-controlled path content to break out of the string context.
Because exploitation requires local access and high privileges to influence the Podman machine configuration or image directory, the CVSS 4.0 base score is 4.0 (MEDIUM). However, the impact on a successfully exploited host is significant because Podman commonly runs with elevated rights on Windows, leading to SYSTEM-level code execution.
Root Cause
The root cause is missing input sanitization in pkg/machine/hyperv/stubber.go. The VM image path is interpolated into a PowerShell double-quoted string without escaping or validation of the $, (, and ) characters. Any path component containing a PowerShell subexpression construct is evaluated by the shell rather than treated as literal data.
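The following Go program is an added illustration, not Podman's code or its fix: it places a placeholder cmdlet line built the way the advisory describes (the image path concatenated into a PowerShell double-quoted string) next to a hardened builder that passes the path as a single-quoted PowerShell literal, which PowerShell never expands. The cmdlet and parameter names are assumptions chosen for the example, and the sample path is constructed with a harmless $(1+1) subexpression so the output shows the unsafe form exposing it to evaluation while the hardened form carries it through as ordinary characters.

```go
package main

import (
	"fmt"
	"strings"
)

// buildUnsafe mirrors the vulnerable pattern the advisory describes: the
// image path is concatenated into a PowerShell double-quoted string, so a
// path containing $( ... ) is evaluated by PowerShell rather than treated
// as data. The cmdlet and parameter are placeholders for this example,
// not Podman's actual command line.
func buildUnsafe(imagePath string) string {
	return `Set-VMHardDiskDrive -Path "` + imagePath + `"`
}

// quotePSLiteral wraps a value in a PowerShell single-quoted string.
// Single-quoted strings perform no variable expansion, subexpression
// evaluation or backtick escaping; the only character that needs
// escaping is the single quote itself, which is doubled.
func quotePSLiteral(s string) string {
	return "'" + strings.ReplaceAll(s, "'", "''") + "'"
}

// buildSafe is the hardened counterpart: the path is passed as an inert
// literal, so $( ... ) survives as ordinary characters.
func buildSafe(imagePath string) string {
	return `Set-VMHardDiskDrive -Path ` + quotePSLiteral(imagePath)
}

// containsExpansion reports whether a value carries the double-quote
// expansion constructs the advisory names: $ (variables and $()
// subexpressions) and the backtick escape character. Useful as a
// defence-in-depth check even when the value is quoted safely.
func containsExpansion(s string) bool {
	return strings.ContainsAny(s, "$`")
}

func main() {
	// Constructed sample path; the subexpression is harmless arithmetic.
	hostile := `C:\Users\dev\.local\share\containers\$(1+1)\disk.vhdx`
	fmt.Println("unsafe: ", buildUnsafe(hostile))
	fmt.Println("safe:   ", buildSafe(hostile))
	fmt.Println("flagged:", containsExpansion(hostile))
}
```

Single-quoting is the simplest fix when a value must be embedded in PowerShell source text; passing the value as a separate process argument rather than as part of a script string avoids the quoting question entirely and is preferable where the invocation allows it.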
Attack Vector
An attacker with the ability to influence the Podman machine name or VM image directory path can craft a value containing a PowerShell $() subexpression. When Podman builds and runs the HyperV management command, PowerShell evaluates the embedded subexpression before executing the outer cmdlet, running attacker-supplied PowerShell with the privileges of the Podman process. Since Microsoft Windows is the only affected operating system in the CPE list, non-Windows installations are not impacted.
No public proof-of-concept exploit is available, and the EPSS score is 0.013%, indicating low predicted exploitation activity at this time.
Detection Methods for CVE-2026-33414
Indicators of Compromise
- Podman machine names or VM image paths containing PowerShell subexpression syntax such as $( or backtick-escape sequences
- Unexpected child powershell.exe processes spawned by the Podman process tree on Windows hosts
- HyperV VM configuration entries referencing image paths with shell metacharacters
Detection Strategies
- Inventory Windows endpoints running Podman versions 4.8.0 through 5.8.1 with the HyperV machine backend enabled
- Monitor process creation telemetry for powershell.exe invocations whose command line contains $() constructs originating from Podman binaries
- Audit machine creation events and configuration files for non-standard characters in machine names or image directory paths
Monitoring Recommendations
- Forward Windows process creation events (Event ID 4688) and PowerShell script block logging (Event ID 4104) to a centralized analytics platform
- Alert on Podman process trees that produce SYSTEM-context PowerShell execution outside normal VM lifecycle operations
- Track changes to Podman machine configuration directories on Windows for unexpected path modifications
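The process-telemetry strategy and monitoring recommendations above can be expressed as a rule over process creation events. The Go program below is an added example, not tooling from the advisory or the Podman project: it models a few constructed Security Event ID 4688 records (field names follow the event's data names; file paths, user names and command lines are made up for the example) and flags a powershell.exe child of podman.exe whose command line carries a $( or backtick construct, plus a lower-confidence rule for any SYSTEM-context PowerShell spawned by Podman that an analyst would compare against expected VM lifecycle activity. Whether podman.exe is the direct parent of the PowerShell process in a given deployment is an assumption to confirm against your own telemetry.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// ProcessEvent is a minimal model of a Windows Security 4688 (process
// creation) record. Field names follow the event's XML data names.
type ProcessEvent struct {
	EventID           int
	SubjectUserName   string
	ParentProcessName string
	NewProcessName    string
	CommandLine       string
}

// Finding is one alert produced by the detector.
type Finding struct {
	Rule   string
	Detail string
}

// baseName returns the lower-cased file name of a Windows path. The
// backslashes are normalised first so the same code works when the
// detector itself runs on a non-Windows analytics host.
func baseName(p string) string {
	return strings.ToLower(filepath.Base(strings.ReplaceAll(p, `\`, `/`)))
}

// hasExpansion reports whether a command line carries the $( subexpression
// or backtick escape constructs listed in the advisory's indicators.
func hasExpansion(cmd string) bool {
	return strings.Contains(cmd, "$(") || strings.Contains(cmd, "`")
}

// Detect applies two rules to 4688 records. Rule 1 (high confidence):
// powershell.exe spawned by podman.exe with $() or backtick constructs in
// its command line. Rule 2 (review): any SYSTEM-context powershell.exe
// spawned by podman.exe, to be compared against normal VM lifecycle work.
// The assumption that podman.exe is the direct parent is an assumption of
// this example.
func Detect(events []ProcessEvent) []Finding {
	var out []Finding
	for _, e := range events {
		if e.EventID != 4688 {
			continue
		}
		if baseName(e.ParentProcessName) != "podman.exe" || baseName(e.NewProcessName) != "powershell.exe" {
			continue
		}
		if hasExpansion(e.CommandLine) {
			out = append(out, Finding{"podman-powershell-subexpression", e.CommandLine})
			continue
		}
		if strings.EqualFold(e.SubjectUserName, "SYSTEM") {
			out = append(out, Finding{"podman-powershell-system-context", e.CommandLine})
		}
	}
	return out
}

// sampleEvents returns constructed records for the example; none of these
// paths, names or command lines were taken from a real host.
func sampleEvents() []ProcessEvent {
	podman := `C:\Program Files\RedHat\Podman\podman.exe`
	ps := `C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe`
	return []ProcessEvent{
		// Ordinary lifecycle query by a developer: no finding.
		{4688, "dev", podman, ps, `powershell.exe -Command "Get-VM -Name podman-machine-default"`},
		// Subexpression embedded in an image path: rule 1.
		{4688, "SYSTEM", podman, ps, `powershell.exe -Command "Set-VMHardDiskDrive -Path "C:\img\$(1+1)\disk.vhdx""`},
		// Same construct from an unrelated parent: out of scope for this rule.
		{4688, "dev", `C:\Windows\explorer.exe`, ps, `powershell.exe -Command "$(Get-Date)"`},
		// SYSTEM-context PowerShell from Podman without the construct: rule 2.
		{4688, "SYSTEM", podman, ps, `powershell.exe -Command "Start-VM -Name podman-machine-default"`},
	}
}

func main() {
	for _, f := range Detect(sampleEvents()) {
		fmt.Printf("[%s] %s\n", f.Rule, f.Detail)
	}
}
```

Event ID 4688 only includes the command line when the "Include command line in process creation events" policy is enabled; without it, rule 1 has nothing to match and only rule 2 applies.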
How to Mitigate CVE-2026-33414
Immediate Actions Required
- Upgrade Podman to version 5.8.2 or later on all affected Windows hosts
- Audit existing Podman machine configurations for image paths containing $, (, ), or backtick characters and recreate any suspicious machines
- Restrict who can create or modify Podman machines and machine image directories on shared Windows systems
Patch Information
The Podman maintainers fixed the issue in version 5.8.2. The remediation is delivered through the upstream commit referenced in GitHub Podman Commit 571c842 and described in GitHub Security Advisory GHSA-hc8w-h2mf-hp59. Administrators should apply the update through their standard Podman distribution channel for Windows.
Workarounds
- Avoid using the HyperV machine backend until the patch is applied; use alternative backends where supported
- Constrain Podman machine names and image directory paths to alphanumeric characters and standard path separators
- Limit Podman execution on Windows to trusted administrative accounts and prevent unprivileged users from supplying machine names or image paths
# Verify the installed Podman version on Windows and upgrade if vulnerable
podman --version
# If version is between 4.8.0 and 5.8.1, upgrade to 5.8.2 or later
# winget upgrade RedHat.Podman
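As an added example (not Podman's code or tooling from the advisory), the Go program below automates two of the checks above: it parses the text printed by podman --version and reports whether the version falls in the affected 4.8.0 through 5.8.1 range, and it applies the allow-list workaround to a machine name and image directory path, rejecting anything outside alphanumerics, dots, hyphens, underscores and standard path separators (the drive colon is also permitted for paths). The exact allow-list is an assumption based on the workaround's wording, and the sample inputs are constructed.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
	"strings"
)

// Version is a numeric major.minor.patch triple.
type Version struct{ Major, Minor, Patch int }

// ParseVersion accepts the text printed by `podman --version`
// ("podman version 5.8.1") or a bare "5.8.1" / "v5.8.1". A pre-release or
// build suffix such as "-dev" is dropped for the range comparison.
func ParseVersion(s string) (Version, error) {
	fields := strings.Fields(s)
	if len(fields) == 0 {
		return Version{}, fmt.Errorf("empty version string")
	}
	raw := strings.TrimPrefix(fields[len(fields)-1], "v")
	if i := strings.IndexAny(raw, "-+"); i >= 0 {
		raw = raw[:i]
	}
	parts := strings.Split(raw, ".")
	if len(parts) != 3 {
		return Version{}, fmt.Errorf("unexpected version format %q", raw)
	}
	var nums [3]int
	for i, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil {
			return Version{}, fmt.Errorf("non-numeric version component %q", p)
		}
		nums[i] = n
	}
	return Version{nums[0], nums[1], nums[2]}, nil
}

// Compare returns -1, 0 or 1 as v is lower than, equal to or higher than o.
func (v Version) Compare(o Version) int {
	a := [3]int{v.Major, v.Minor, v.Patch}
	b := [3]int{o.Major, o.Minor, o.Patch}
	for i := range a {
		if a[i] < b[i] {
			return -1
		}
		if a[i] > b[i] {
			return 1
		}
	}
	return 0
}

// Affected range from the advisory: 4.8.0 through 5.8.1 inclusive.
var (
	firstAffected = Version{4, 8, 0}
	lastAffected  = Version{5, 8, 1}
)

// IsAffected reports whether v lies in the affected range.
func IsAffected(v Version) bool {
	return v.Compare(firstAffected) >= 0 && v.Compare(lastAffected) <= 0
}

// Allow-lists implementing the workaround. Both exclude $, (, ), the
// backtick and quotes, so no PowerShell expansion construct can pass.
// The exact character set is this example's assumption.
var (
	machineNameOK = regexp.MustCompile(`^[A-Za-z0-9._-]+$`)
	imagePathOK   = regexp.MustCompile(`^[A-Za-z0-9._:\\/-]+$`)
)

// ValidateMachineName rejects names outside the allow-list.
func ValidateMachineName(name string) error {
	if !machineNameOK.MatchString(name) {
		return fmt.Errorf("machine name %q contains characters outside the allow-list", name)
	}
	return nil
}

// ValidateImagePath rejects image directory paths outside the allow-list.
func ValidateImagePath(p string) error {
	if !imagePathOK.MatchString(p) {
		return fmt.Errorf("image path %q contains characters outside the allow-list", p)
	}
	return nil
}

func main() {
	for _, out := range []string{"podman version 4.7.2", "podman version 5.8.1", "podman version 5.8.2"} {
		v, err := ParseVersion(out)
		if err != nil {
			fmt.Println("parse error:", err)
			continue
		}
		fmt.Printf("%-22s affected=%v\n", out, IsAffected(v))
	}
	// Constructed sample inputs.
	for _, name := range []string{"podman-machine-default", "pm$(1+1)"} {
		fmt.Printf("name %q: %v\n", name, ValidateMachineName(name))
	}
	for _, p := range []string{`C:\Users\dev\disk.vhdx`, `C:\Users\dev\$(1+1)\disk.vhdx`} {
		fmt.Printf("path %q: %v\n", p, ValidateImagePath(p))
	}
}
```

The allow-list is deliberately stricter than "anything that is not $, ( or )": rejecting whole classes of characters, including spaces and quotes, is easier to reason about than enumerating the metacharacters of the shell that happens to consume the value.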
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.