CVE-2026-41013

CVE-2026-41013: Tenant-controlled comma smuggles arbitrary CIFS mount options

Vendor Cloudfoundry Foundation
Product smb-volume-release
Weakness CWE-88
Published June 1, 2026
Last update June 4, 2026

CVSS base score

What the vulnerability does

01Description

Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the mount-option allowlist, enabling privilege escalation and security control bypass on multi-tenant Diego cells. Affected versions: smb-volume-release: All versions prior to v3.60.0 CF Deployment: All versions prior to v56.0.0

Key dates

02Disclosure timeline

June 1, 2026 CVE published
June 4, 2026 Record updated