CVE-2026-41485

Kyverno statement: Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in the forEach mutation handler can be triggered by a user with policy creation rights, causing the cluster-wide background controller to crash into a persistent CrashLoopBackOff and the admission controller to dr...

CVE-2026-41485 Kyverno Controller Denial of Service via forEach Mutation Panic

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller int...

PT-2026-34846

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.18.0-rc1, 1.17.2-rc1, and 1.16.4, Kyverno's apiCall feature in ClusterPolicy automatically attaches the admission controller's ServiceAccount token to outgoing HTTP requests. The service URL has n...

CVE-2026-40868 kyverno apicall servicecall implicit bearer token injection leaks kyverno serviceaccount token

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to 1.16.4, kyverno’s apiCall servicecall helper implicitly injects Authorization: Bearer ... using the kyverno controller serviceaccount token when a policy does not explicitly set an Authorization header...

CVE-2026-40868

Kyverno pre-1.16.4 apiCall serviceCall implicitly injects the Authorization: Bearer token from the kyverno serviceaccount when a policy omits an Authorization header. Since context.apiCall.service.url is policy-controlled, this can leak the serviceaccount token to attacker-controlled endpoints (c...

Unintended Proxy or Intermediary ('Confused Deputy')

Overview Affected versions of this package are vulnerable to Unintended Proxy or Intermediary 'Confused Deputy' via the apiCall servicecall helper. An attacker can obtain sensitive service account tokens by crafting a policy that triggers an outbound request without an explicit Authorization...

Unintended Proxy or Intermediary ('Confused Deputy')

Overview Affected versions of this package are vulnerable to Unintended Proxy or Intermediary 'Confused Deputy' via the apiCall servicecall helper. An attacker can obtain sensitive service account tokens by crafting a policy that triggers an outbound request without an explicit Authorization...

Unintended Proxy or Intermediary ('Confused Deputy')

Overview Affected versions of this package are vulnerable to Unintended Proxy or Intermediary 'Confused Deputy' via the apiCall servicecall helper. An attacker can obtain sensitive service account tokens by crafting a policy that triggers an outbound request without an explicit Authorization...

Unintended Proxy or Intermediary ('Confused Deputy')

Overview Affected versions of this package are vulnerable to Unintended Proxy or Intermediary 'Confused Deputy' via the apiCall servicecall helper. An attacker can obtain sensitive service account tokens by crafting a policy that triggers an outbound request without an explicit Authorization...

kyverno apicall servicecall implicit bearer token injection leaks kyverno serviceaccount token

kyverno’s apiCall servicecall helper implicitly injects Authorization: Bearer ... using the kyverno controller serviceaccount token when a policy does not explicitly set an Authorization header. because context.apiCall.service.url is policy-controlled, this can send the kyverno serviceaccount tok...

PT-2026-33227

Name of the Vulnerable Software and Affected Versions Kyverno versions prior to 1.16.4 Description The apiCall servicecall helper implicitly injects an 'Authorization: Bearer ...' header using the kyverno controller serviceaccount token when a policy does not explicitly set an Authorization heade...

Bypassing Kyverno Policies via Double Policy Exceptions

Summary If a cluster has a Kyverno policy in enforce mode and there are two exceptions, this allows the policy to be bypassed, even if the first exception is more restrictive than the second. Details The following policy was applied: yaml apiVersion: kyverno.io/v1 kind: ClusterPolicy metadata:...

BIT-KYVERNO-2024-48921 Kyverno's PolicyException objects can be created in any namespace by default

Kyverno is a policy engine designed for Kubernetes. A kyverno ClusterPolicy, ie. "disallow-privileged-containers," can be overridden by the creation of a PolicyException in a random namespace. By design, PolicyExceptions are consumed from any namespace. Administrators may not recognize that this...