A vulnerability was found in Kubernetes . It has been classified as critical . Affected is an unknown function of the component CSI Driver . The manipulation of the argument subDir leads to path traversal. This vulnerability is listed as CVE-2026-3864 . The attack must be carried out from within the local network. There is no available exploit.