CVE-2026-32193
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk21th percentile - higher than 21% of all known CVEs
Summary
Microsoft Azure Kubernetes Service has an improper limitation of a pathname to a restricted directory, leading to a 'path traversal' vulnerability. This allows an authorized attacker to execute code locally.
Risk Assessment
An attacker with appropriate permissions can exploit this vulnerability to run unauthorized code, potentially leading to serious security breaches in the system.
Recommendation
It is recommended to update Microsoft Azure Kubernetes Service to the latest version and implement additional security measures to mitigate the risk of 'path traversal' attacks.
Original NVD description (English source)
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Azure Kubernetes Service allows an authorized attacker to execute code locally.

