CVE-2026-46695
Severity: CRITICAL
BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files
Title source: CNA description
Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite does not restrict the kernel capabilities available inside the container, so malicious code can remount a read-only directory in rw mode and thereby gain write access to it. This allows malicious code to perform arbitrary write operations on directories that should be read-only. This issue has been patched in version 0.9.0.
References (3)
Advisory (x_refsource_confirm): https://github.com/boxlite-ai/boxlite/security/advisories/GHSA-g6ww-w5j2-r7x3
Pull request (x_refsource_misc): https://github.com/boxlite-ai/boxlite/pull/454
Release tag (x_refsource_misc): https://github.com/boxlite-ai/boxlite/releases/tag/v0.9.0
Scores
CVSS v3: 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N)
Attack Vector: NETWORK
EPSS: 0.0029 (percentile 20.3%)
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: yes
Technical Impact: total
Details
CWE: CWE-284
Status: published
Products (6)
boxlite-ai/boxlite: 0 - 0.9.0 (npm)
boxlite-ai/boxlite: 0 - 0.9.0 (Go)
boxlite-ai/boxlite: < 0.9.0
crates.io/boxlite: 0 - 0.9.0 (crates.io)
crates.io/boxlite-cli: 0 - 0.9.0 (crates.io)
pypi/boxlite: 0 - 0.9.0 (PyPI)
Published: Jun 10, 2026
Tracked Since: Jun 11, 2026