CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxe_template.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.5%

CVSS Severity

CVSS v3 Score 4.9

References

https://bugs.launchpad.net/ironic/+bug/2148319
https://www.openwall.com/lists/oss-security/2026/06/03/13
http://www.openwall.com/lists/oss-security/2026/06/03/13

Products affected by CVE-2026-44917

Openstack » Ironic » Version: Any

cpe:2.3:a:openstack:ironic:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-44917

Products

Pricing

Contact Us