diff --git a/README.md b/README.md
index 6ad6390..e35227c 100644
--- a/README.md
+++ b/README.md
@@ -160,6 +160,7 @@ cdk run [options]
 | Credential Access | Dump K8s Secrets | k8s-secret-dump | ✔ | ✔ | [link](https://github.com/cdk-team/CDK/wiki/Exploit:-k8s-secret-dump) |
 | Credential Access | Dump K8s Config | k8s-configmap-dump | ✔ | ✔ | [link](https://github.com/cdk-team/CDK/wiki/Exploit:-k8s-configmap-dump) |
 | Privilege Escalation | K8s RBAC Bypass | k8s-get-sa-token | ✔ | ✔ | [link](https://github.com/cdk-team/CDK/wiki/Exploit:-k8s-get-sa-token) |
+| Privilege Escalation | CVE-2026-31431 copy-fail (non-root→root, **no container escape**) | copy-fail-cve-2026-31431 | ✔ | | [link](https://github.com/cdk-team/CDK/wiki/Exploit:-copy-fail-cve-2026-31431) |
 | Persistence | Deploy WebShell | webshell-deploy | ✔ | ✔ | [link](https://github.com/cdk-team/CDK/wiki/Exploit:-webshell-deploy) |
 | Persistence | Deploy Backdoor Pod | k8s-backdoor-daemonset | ✔ | ✔ | [link](https://github.com/cdk-team/CDK/wiki/Exploit:-k8s-backdoor-daemonset) |
 | Persistence | Deploy Shadow K8s api-server | k8s-shadow-apiserver | ✔ || [link](https://github.com/cdk-team/CDK/wiki/Exploit:-k8s-shadow-apiserver) |
diff --git a/pkg/exploit/privilege_escalation/copy_fail_cve_2026_31431.go b/pkg/exploit/privilege_escalation/copy_fail_cve_2026_31431.go
index f595dbc..3498156 100644
--- a/pkg/exploit/privilege_escalation/copy_fail_cve_2026_31431.go
+++ b/pkg/exploit/privilege_escalation/copy_fail_cve_2026_31431.go
@@ -22,6 +22,10 @@ package privilege_escalation
 // CVE-2026-31431 "copy-fail" privilege escalation exploit.
 // Ported from https://github.com/theori-io/copy-fail-CVE-2026-31431/blob/main/copy_fail_exp.py
 //
+// IMPORTANT: This exploit performs LOCAL PRIVILEGE ESCALATION only (non-root → root
+// inside the container). It does NOT escape the container or affect the host.
+// You must already have a non-root shell inside the container to use it.
+//
 // The exploit abuses a bug in the interaction between AF_ALG AEAD sockets and
 // the splice/pipe subsystem. By sending a payload via sendmsg(MSG_MORE) and
 // then splicing read-only file pages into the same socket's pipe buffers, the
@@ -237,7 +241,9 @@ func CopyFailExploit(targetBin string) error {
 type copyFailCVE202631431S struct{ base.BaseExploit }
 
 func (p copyFailCVE202631431S) Desc() string {
-	return "Overwrite SUID binary page cache via CVE-2026-31431 (AF_ALG + splice). " +
+	return "CVE-2026-31431 (copy-fail): local privilege escalation from non-root to root " +
+		"inside the container by overwriting a SUID binary's page cache via AF_ALG + splice. " +
+		"NOTE: this exploit does NOT escape the container. " +
 		"Usage: ./cdk run copy-fail-cve-2026-31431 [/usr/bin/su]"
 }
 
@@ -250,6 +256,7 @@ func (p copyFailCVE202631431S) Run() bool {
 	}
 
 	log.Printf("[*] CVE-2026-31431 copy-fail exploit targeting %s\n", targetBin)
+	log.Println("[*] NOTE: This exploit performs local privilege escalation (non-root → root) inside the container only. It does NOT escape the container.")
 	if err := CopyFailExploit(targetBin); err != nil {
 		log.Printf("[-] Exploit failed: %v\n", err)
 		return false
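Review bot: The container-scope disclaimer is now spelled out three times in this file — the package comment in this hunk, the `Desc()` string in the hunk at -237, and the new `log.Println` in the hunk at -250 — and the wording already differs between the two runtime copies (`non-root to root` in `Desc()` versus `non-root → root` in the log line, where the non-ASCII arrow will also render as mojibake on a terminal that is not UTF-8). Factor the runtime copies into one package-level constant so they cannot drift: `const copyFailScopeNote = "local privilege escalation (non-root to root) inside the container only; it does NOT escape the container"`, then `"NOTE: " + copyFailScopeNote + ". "` in `Desc()` and `log.Println("[*] NOTE: " + copyFailScopeNote + ".")` in `Run()`. The package comment can keep its prose form since it is never emitted at runtime. `Run()` starts and ends outside the hunk at -250.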