CVE-2026-49237 – Canonical Multipass / Ubuntu Linux

CVSS 7.8 IMPORTANT

“Virtualization and operating system weaknesses can turn trusted infrastructure into an opportunity for attackers.”

Canonical released patches for three high-severity vulnerabilities affecting Multipass and Ubuntu Linux. CVE-2026-49237 has a CVSS score of 7.8, which is High severity. CVE-2026-47331 has a CVSS score of 7.8, which is High severity. CVE-2026-47333 has a CVSS score of 7.8, which is High severity.

The update addresses improper permission assignment, use-after-free, and out-of-bounds read vulnerabilities. Two of the vulnerabilities could allow remote code execution, while two vulnerabilities could enable privilege escalation in affected environments. The fixes strengthen memory safety protections and access controls across virtualization and operating system components.

Key Details

Affected Product: Canonical Multipass
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
CWE Classification: CWE-276

Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.

CVE-2026-49237 – Canonical Multipass / Ubuntu Linux

Key Details

Stay Tuned

PLATFORM

SOLUTIONS

RESOURCES

COMPANY

LEGAL

CONTACTS

+1-346-444-8530

Toll Free: 833-444-8530

708 Main St, 10th FL, Houston, TX 77002