CVE-2026-40226

Description

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.

References

• https://github.com/systemd/systemd/security/advisories/GHSA-9mj4-rrc3-gjcx