diff --git a/cli/config/configuration-acrn.toml.in b/cli/config/configuration-acrn.toml.in
index 0d174b0ba2..1d22a92c6f 100644
--- a/cli/config/configuration-acrn.toml.in
+++ b/cli/config/configuration-acrn.toml.in
@@ -17,7 +17,13 @@ kernel = "@KERNELPATH_ACRN@"
 image = "@IMAGEPATH@"
 # List of valid annotations values for the hypervisor (default: empty)
-# Each member of the list can be a regular expression
+# Each member of the list can be a regular expression, but prefer names.
+# Otherwise, please read and understand the following carefully.
+# SECURITY WARNING: If you use regular expressions, be mindful that
+# an attacker could craft an annotation that uses .. to escape the paths
+# you gave. For example, if your regexp is /bin/qemu.* then if there is
+# a directory named /bin/qemu.d/, then an attacker can pass an annotation
+# containing /bin/qemu.d/../put-any-binary-name-here and attack your host.
 # path_list = [ "@ACRNPATH@.*" ]
 # List of valid annotations values for ctlpath (default: empty)
diff --git a/cli/config/configuration-clh.toml.in b/cli/config/configuration-clh.toml.in
index e4778b9827..ba0d320f0b 100644
--- a/cli/config/configuration-clh.toml.in
+++ b/cli/config/configuration-clh.toml.in
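Review bot: The commented-out example directly under the new warning, `# path_list = [ "@ACRNPATH@.*" ]`, is still the trailing-`.*` form the warning describes, so an administrator who simply uncomments it gets the risky setting. I would ship an exact path instead, `# path_list = [ "@ACRNPATH@" ]`, and reword "but prefer names" to "but prefer exact absolute paths", since "names" does not say what the safe form looks like. The same applies to the clh, fc, qemu-virtiofs and qemu hunks, which carry identical text and a `.*` example. The warning also implies the annotation value is matched without resolving `..` first; if that is the case, normalising the path in the matching code (not part of this diff) would remove the hazard rather than only document it.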
@@ -12,12 +12,19 @@
 [hypervisor.clh]
 path = "@CLHPATH@"
-# List of valid annotations values for the hypervisor (default: empty)
-# Each member of the list can be a regular expression
-# path_list = [ "@CLHPATH@.*" ]
 kernel = "@KERNELPATH_CLH@"
 image = "@IMAGEPATH@"
+# List of valid annotations values for the hypervisor (default: empty)
+# Each member of the list can be a regular expression, but prefer names.
+# Otherwise, please read and understand the following carefully.
+# SECURITY WARNING: If you use regular expressions, be mindful that
+# an attacker could craft an annotation that uses .. to escape the paths
+# you gave. For example, if your regexp is /bin/qemu.* then if there is
+# a directory named /bin/qemu.d/, then an attacker can pass an annotation
+# containing /bin/qemu.d/../put-any-binary-name-here and attack your host.
+# path_list = [ "@CLHPATH@.*" ]
+
 # Optional space-separated list of options to pass to the guest kernel.
 # For example, use `kernel_params = "vsyscall=emulate"` if you are having
 # trouble running pre-2.15 glibc.
diff --git a/cli/config/configuration-fc.toml.in b/cli/config/configuration-fc.toml.in
index 20c9ee4604..81d86d89f4 100644
--- a/cli/config/configuration-fc.toml.in
+++ b/cli/config/configuration-fc.toml.in
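Review bot: The `path_list` block is relocated here as well as reworded, moving from directly under `path` to after `image`, and nothing visible in the diff explains the move. The qemu hunk keeps the block immediately after `path`, while the acrn and fc hunks show it after `image`, so the five templates still disagree on placement. Since the list constrains the hypervisor path annotation, I would keep it next to `path` in every template, or at least mention the move in the commit message.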
@@ -16,7 +16,13 @@ kernel = "@KERNELPATH_FC@"
 image = "@IMAGEPATH@"
 # List of valid annotations values for the hypervisor (default: empty)
-# Each member of the list can be a regular expression
+# Each member of the list can be a regular expression, but prefer names.
+# Otherwise, please read and understand the following carefully.
+# SECURITY WARNING: If you use regular expressions, be mindful that
+# an attacker could craft an annotation that uses .. to escape the paths
+# you gave. For example, if your regexp is /bin/qemu.* then if there is
+# a directory named /bin/qemu.d/, then an attacker can pass an annotation
+# containing /bin/qemu.d/../put-any-binary-name-here and attack your host.
 # path_list = [ "@FCPATH@.*" ]
 # Path for the jailer specific to firecracker
diff --git a/cli/config/configuration-qemu-virtiofs.toml.in b/cli/config/configuration-qemu-virtiofs.toml.in
index 3b58f518d6..de9887e8e4 100644
--- a/cli/config/configuration-qemu-virtiofs.toml.in
+++ b/cli/config/configuration-qemu-virtiofs.toml.in
@@ -17,7 +17,13 @@ image = "@IMAGEPATH@"
 machine_type = "@MACHINETYPE@"
 # List of valid annotations values for the hypervisor (default: empty)
-# Each member of the list can be a regular expression
+# Each member of the list can be a regular expression, but prefer names.
+# Otherwise, please read and understand the following carefully.
+# SECURITY WARNING: If you use regular expressions, be mindful that
+# an attacker could craft an annotation that uses .. to escape the paths
+# you gave. For example, if your regexp is /bin/qemu.* then if there is
+# a directory named /bin/qemu.d/, then an attacker can pass an annotation
+# containing /bin/qemu.d/../put-any-binary-name-here and attack your host.
 # path_list = [ "@QEMUPATH@.*" ]
 # Optional space-separated list of options to pass to the guest kernel.
diff --git a/cli/config/configuration-qemu.toml.in b/cli/config/configuration-qemu.toml.in
index e8ff0662c5..d6c86ec775 100644
--- a/cli/config/configuration-qemu.toml.in
+++ b/cli/config/configuration-qemu.toml.in
@@ -13,7 +13,13 @@
 [hypervisor.qemu]
 path = "@QEMUPATH@"
 # List of valid annotations values for the hypervisor (default: empty)
-# Each member of the list can be a regular expression
+# Each member of the list can be a regular expression, but prefer names.
+# Otherwise, please read and understand the following carefully.
+# SECURITY WARNING: If you use regular expressions, be mindful that
+# an attacker could craft an annotation that uses .. to escape the paths
+# you gave. For example, if your regexp is /bin/qemu.* then if there is
+# a directory named /bin/qemu.d/, then an attacker can pass an annotation
+# containing /bin/qemu.d/../put-any-binary-name-here and attack your host.
 # path_list = [ "@QEMUPATH@.*" ]
 kernel = "@KERNELPATH@"
 initrd = "@INITRDPATH@"