Critical runC Vulnerabilities Enable Container Escape on Docker and Kubernetes

Critical runC Vulnerabilities Enable Container Escape on Docker and Kubernetes

First seen 2 Dec 2025, 18:33 UTC UbuntuFilestore.FortinetBleepingcomputerGbhackersCybersecuritynews+4 80% similarity 37.4

Article Content

Browse articles
ThreatCluster

Three critical vulnerabilities in runC, tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881, allow attackers to escape container isolation and gain root access to host systems. These flaws arise from improper handling of masked paths, bind-mounts, and certain write operations. Affected platforms include Docker and Kubernetes, with no active exploits detected yet.

ThreatCluster AI

Community

Browse all →