4 matches found
CVE-2026-23634 Pepr Overly Permissive RBAC ClusterRole in Admin Mode
Pepr is a type safe K8s middleware. Prior to 1.0.5 , Pepr defaults to a cluster-admin RBAC configuration and does not explicitly force or enforce least-privilege guidance for module authors. The default behavior exists to make the “getting started” experience smooth: new users can experiment with...
CVE-2026-23634 Pepr Overly Permissive RBAC ClusterRole in Admin Mode
Pepr is a type safe K8s middleware. Prior to 1.0.5 , Pepr defaults to a cluster-admin RBAC configuration and does not explicitly force or enforce least-privilege guidance for module authors. The default behavior exists to make the “getting started” experience smooth: new users can experiment with...
CVE-2026-23634
Pepr is a type safe K8s middleware. Prior to 1.0.5 , Pepr defaults to a cluster-admin RBAC configuration and does not explicitly force or enforce least-privilege guidance for module authors. The default behavior exists to make the “getting started” experience smooth: new users can experiment with...
@pepr/istio (=0.1.0), @pepr/keycloak-authsvc (>=0.3.0 <=0.6.0) potentially affected by CVE-2026-23634 via pepr (>=0.14.2 <=0.9.0)
pepr NPM version =0.14.2, =0.3.0, =0.6.0 Source cves: CVE-2026-23634 Source advisory: OSV:GHSA-W54X-R83C-X79Q...