CVE-2026-41163 is a high-severity bubblewrap issue affecting setuid installations. In vulnerable versions, a user can use ptrace to interfere with the unprivileged part of sandbox setup and steer privileged operations, including overlay mounts. The issue is fixed in bubblewrap 0.11.2.
CVE-2026-33414 is a command injection vulnerability in the HyperV machine backend of Podman, a tool for managing OCI containers and pods. The vulnerability exists in versions 4.8.0 through 5.8.1 and is caused by the insertion of a VM image path into a PowerShell double-quoted string without sanitization, allowing $() subexpression injection. This vulnerability allows an attacker to execute arbitrary Power [truncated]