PatchSiren cyber security CVE debrief
CVE-2026-46695 boxlite-ai CVE debrief
CVE-2026-46695 is a critical vulnerability in the Boxlite sandbox service, which allows users to create lightweight virtual machines and launch OCI containers. The issue arises from the service not restricting kernel capabilities inside the container, enabling malicious code to remount directories in rw mode and gain write access to read-only directories. This vulnerability has been patched in version 0.9.0.
- Vendor: boxlite-ai
- Product: boxlite
- CVSS: CRITICAL 10
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-10
- Original CVE updated: 2026-06-11
- Advisory published: 2026-06-10
- Advisory updated: 2026-06-11
Who should care
Users of Boxlite's sandbox service, particularly those running versions prior to 0.9.0, should be aware of this vulnerability and take immediate action to update to the patched version.
Technical summary
The vulnerability has a CVSS score of 10 and is classified as CRITICAL. It allows malicious code to perform arbitrary write operations on read-only directories by remounting them in rw mode. The issue is addressed in version 0.9.0 of Boxlite.
Defensive priority
High
Recommended defensive actions
- Update Boxlite to version 0.9.0 or later to patch the vulnerability.
- Review and restrict kernel capabilities inside containers to prevent similar issues in the future.
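One way to carry out the capability review in the second action above, as an added example (not Boxlite's or PatchSiren's code): decode the capability masks in /proc/<pid>/status for a process inside the container and flag those on a watchlist. The watchlist and the sample status text are this example's assumptions; CAP_SYS_ADMIN is the capability Linux requires for mount(2), remounts included.

```python
import re

# Bit numbers from <linux/capability.h>. The watchlist is this example's choice;
# CAP_SYS_ADMIN is what mount(2) requires, including for a read-write remount.
WATCHLIST = {16: "CAP_SYS_MODULE", 17: "CAP_SYS_RAWIO",
             19: "CAP_SYS_PTRACE", 21: "CAP_SYS_ADMIN"}
CAP_LINE = re.compile(r"^(Cap(?:Inh|Prm|Eff|Bnd|Amb)):\s*([0-9a-fA-F]+)\s*$", re.M)

def parse_cap_sets(status_text):
    """Map each capability set name in /proc/<pid>/status text to its bitmask."""
    return {name: int(mask, 16) for name, mask in CAP_LINE.findall(status_text)}

def audit(status_text, sets=("CapEff", "CapPrm", "CapBnd")):
    """Return sorted (set, capability) pairs for watchlisted bits that are set.

    CapBnd is checked too: a capability left in the bounding set can be
    regained through a setuid or file-capability binary even if CapEff is clean.
    """
    caps = parse_cap_sets(status_text)
    missing = [s for s in sets if s not in caps]
    if missing:
        raise ValueError(f"status text has no {', '.join(missing)} line")
    return sorted((s, name) for s in sets
                  for bit, name in WATCHLIST.items() if (caps[s] >> bit) & 1)

def can_remount(status_text):
    """True if the process currently holds CAP_SYS_ADMIN in its effective set."""
    return ("CapEff", "CAP_SYS_ADMIN") in audit(status_text, sets=("CapEff",))

# Constructed samples: a process with every capability, and one with a reduced set.
UNRESTRICTED = ("Name:\tsh\nCapInh:\t0000000000000000\nCapPrm:\t000001ffffffffff\n"
                "CapEff:\t000001ffffffffff\nCapBnd:\t000001ffffffffff\n")
RESTRICTED = ("Name:\tsh\nCapInh:\t0000000000000000\nCapPrm:\t00000000a80425fb\n"
              "CapEff:\t00000000a80425fb\nCapBnd:\t00000000a80425fb\n")

if __name__ == "__main__":
    # Run inside the sandbox to audit the current process instead of the samples.
    with open("/proc/self/status") as fh:
        for cap_set, cap in audit(fh.read()):
            print(f"{cap_set}: {cap} present")
```

An empty result from `audit` means none of the watchlisted capabilities are held or obtainable through the bounding set; it does not replace updating to 0.9.0.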
Evidence notes
The vulnerability is confirmed by the CVE record and NVD detail pages. The patch is available in version 0.9.0 of Boxlite.
Official resources
CVE-2026-46695 was published on 2026-06-10T23:16:47.747Z and modified on 2026-06-11T15:21:07.370Z.