Containerd

This hub aggregates every CVE we track for Containerd, a product in the ai ml space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Containerd.

• CVE-2025-47911Quadratic parsing complexity in golang.org/x/net/html5.3Feb 5, 2026
• CVE-2025-64329containerd CRI server: Host memory exhaustion through Attach goroutine leak5.5Nov 7, 2025
• CVE-2024-25621containerd affected by a local privilege escalation via wide permissions on CRI directory7.3Nov 6, 2025
• CVE-2025-47291containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods.7.5May 21, 2025
• CVE-2025-47290Containerd vulnerable to host filesystem access during image unpack5.9May 20, 2025
• CVE-2024-40635containerd has an integer overflow in User ID handling4.6Mar 17, 2025
• CVE-2023-25173containerd supplementary groups are not set up properly5.3Feb 16, 2023
• CVE-2023-25153containerd OCI image importer memory exhaustion6.2Feb 16, 2023
• CVE-2022-23471containerd CRI stream server: Host memory exhaustion through terminal resize goroutine leak5.7Dec 7, 2022
• CVE-2022-31030containerd CRI plugin: Host memory exhaustion through ExecSync5.5Jun 6, 2022
• CVE-2022-24769Default inheritable capabilities for linux container should be empty5.9Mar 24, 2022
• CVE-2022-23648Insecure handling of image volumes in containerd CRI plugin7.5Mar 3, 2022
• CVE-2021-43816Improper Preservation of Permissions in containerd8.0Jan 5, 2022
• CVE-2021-41190Clarify Content-Type handling in OCI spec3.0Nov 17, 2021
• CVE-2021-41103Insufficiently restricted permissions on plugin directories7.8Oct 4, 2021