Vulnerability Details CVE-2026-44916
In OpenStack Ironic before 35.0.2 (in a certain non-default configuration), instance_info['ks_template'] is rendered without sandboxing.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 24.2%
CVSS Severity
CVSS v3 Score 3.0
Products affected by CVE-2026-44916
- cpe:2.3:a:openstack:ironic:17.0.0
- cpe:2.3:a:openstack:ironic:17.0.1
- cpe:2.3:a:openstack:ironic:17.0.2
- cpe:2.3:a:openstack:ironic:17.0.3
- cpe:2.3:a:openstack:ironic:17.0.4
- cpe:2.3:a:openstack:ironic:17.1.0
- cpe:2.3:a:openstack:ironic:18.0.0
- cpe:2.3:a:openstack:ironic:18.1.0
- cpe:2.3:a:openstack:ironic:18.2.0
- cpe:2.3:a:openstack:ironic:18.2.1
- cpe:2.3:a:openstack:ironic:18.2.2
- cpe:2.3:a:openstack:ironic:18.3.0
- cpe:2.3:a:openstack:ironic:19.0.0
- cpe:2.3:a:openstack:ironic:20.0.0
- cpe:2.3:a:openstack:ironic:20.1.0
- cpe:2.3:a:openstack:ironic:20.1.1
- cpe:2.3:a:openstack:ironic:20.1.2
- cpe:2.3:a:openstack:ironic:20.1.3
- cpe:2.3:a:openstack:ironic:20.2.0
- cpe:2.3:a:openstack:ironic:21.0.0
- cpe:2.3:a:openstack:ironic:21.1.0
- cpe:2.3:a:openstack:ironic:21.1.1
- cpe:2.3:a:openstack:ironic:21.1.2
- cpe:2.3:a:openstack:ironic:21.2.0
- cpe:2.3:a:openstack:ironic:21.3.0
- cpe:2.3:a:openstack:ironic:21.4.0
- cpe:2.3:a:openstack:ironic:21.4.1
- cpe:2.3:a:openstack:ironic:21.4.2
- cpe:2.3:a:openstack:ironic:21.4.3
- cpe:2.3:a:openstack:ironic:21.4.4
- cpe:2.3:a:openstack:ironic:22.0.0
- cpe:2.3:a:openstack:ironic:22.1.0
- cpe:2.3:a:openstack:ironic:23.0.0
- cpe:2.3:a:openstack:ironic:23.0.1
- cpe:2.3:a:openstack:ironic:23.0.2
- cpe:2.3:a:openstack:ironic:23.0.3
- cpe:2.3:a:openstack:ironic:23.0.4
- cpe:2.3:a:openstack:ironic:23.0.5
- cpe:2.3:a:openstack:ironic:23.1.0
- cpe:2.3:a:openstack:ironic:24.0.0
- cpe:2.3:a:openstack:ironic:24.1.0
- cpe:2.3:a:openstack:ironic:24.1.1
- cpe:2.3:a:openstack:ironic:24.1.2
- cpe:2.3:a:openstack:ironic:24.1.3
- cpe:2.3:a:openstack:ironic:24.1.4
- cpe:2.3:a:openstack:ironic:24.1.5
- cpe:2.3:a:openstack:ironic:25.0.0
- cpe:2.3:a:openstack:ironic:26.0.0
- cpe:2.3:a:openstack:ironic:26.1.0
- cpe:2.3:a:openstack:ironic:26.1.1
- cpe:2.3:a:openstack:ironic:26.1.2
- cpe:2.3:a:openstack:ironic:26.1.3
- cpe:2.3:a:openstack:ironic:26.1.4
- cpe:2.3:a:openstack:ironic:26.1.5
- cpe:2.3:a:openstack:ironic:26.1.6
- cpe:2.3:a:openstack:ironic:27.0.0
- cpe:2.3:a:openstack:ironic:28.0.0
- cpe:2.3:a:openstack:ironic:29.0.0
- cpe:2.3:a:openstack:ironic:29.0.1
- cpe:2.3:a:openstack:ironic:29.0.2
- cpe:2.3:a:openstack:ironic:29.0.3
- cpe:2.3:a:openstack:ironic:29.0.4
- cpe:2.3:a:openstack:ironic:29.0.5
- cpe:2.3:a:openstack:ironic:30.0.0
- cpe:2.3:a:openstack:ironic:31.0.0
- cpe:2.3:a:openstack:ironic:32.0.0
- cpe:2.3:a:openstack:ironic:32.0.1
- cpe:2.3:a:openstack:ironic:33.0.0
- cpe:2.3:a:openstack:ironic:34.0.0
- cpe:2.3:a:openstack:ironic:35.0.0
- cpe:2.3:a:openstack:ironic:35.0.1