Lucene search
K

322 matches found

EUVD
EUVD
added 2026/06/30 6:16 p.m.13 views

EUVD-2026-36095

Fission: Cross-namespace event leakage via KubernetesWatchTrigger allows persistent tenant surveillance...

7.7CVSS5.8AI score0.00231EPSS
Exploits0References5
OSV
OSV
added 2026/06/30 6:16 p.m.4 views

GHSA-GC3J-79F2-7VVW Fission: Cross-namespace event leakage via KubernetesWatchTrigger allows persistent tenant surveillance

Summary A low-privilege developer who could create a KubernetesWatchTrigger KWT in their own namespace was able to establish a persistent surveillance channel over any other namespace. Details Two independent flaws compounded: 1. pkg/kubewatcher/kubewatcher.go::createKubernetesWatch used...

7.7CVSS5.8AI score0.00231EPSS
Exploits0References6
OSV
OSV
added 2026/06/30 6:15 p.m.4 views

GHSA-VJHC-CF4P-72Q4 Fission: Cross-namespace Environment reference in Package allows build-time command execution and SA token exfiltration

Summary Fission's buildermgr controller processed Package CRDs without verifying that Package.spec.environment.namespace matched Package.metadata.namespace. Details An attacker with packages.fission.io/create in their own namespace could set spec.environment.namespace to any other tenant's...

7.7CVSS5.9AI score0.00231EPSS
Exploits0References6
NVD
NVD
added 2026/06/26 5:16 p.m.9 views

CVE-2026-13434

A flaw was found in KubeVirt's network annotation generator. When a tenant creates a VirtualMachineInstance with a Multus network configuration, the supplied networkName value is written verbatim into the launcher pod's v1.multus-cni.io/default-network annotation without format validation or...

4.9CVSS0.00155EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 4:0 p.m.13 views

CVE-2026-13434

CVE-2026-13434 affects KubeVirt’s network annotation generator used when provisioning VirtualMachineInstance with Multus networks. The flaw writes the supplied networkName verbatim into the v1.multus-cni.io/default-network annotation without format validation or sanitization, with only an empty-s...

4.9CVSS5.9AI score0.00155EPSS
Exploits0References2Affected Software2
EUVD
EUVD
added 2026/06/26 4:0 p.m.7 views

EUVD-2026-39796

A flaw was found in KubeVirt's network annotation generator. When a tenant creates a VirtualMachineInstance with a Multus network configuration, the supplied networkName value is written verbatim into the launcher pod's v1.multus-cni.io/default-network annotation without format validation or...

4.9CVSS5.9AI score0.00155EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 4:0 p.m.37 views

CVE-2026-13434 Virt-controller-rhel9: kubevirt: kubevirt: multus default-network annotation injection via unvalidated tenant networkname when externalnetresourceinjection is enabled

A flaw was found in KubeVirt's network annotation generator. When a tenant creates a VirtualMachineInstance with a Multus network configuration, the supplied networkName value is written verbatim into the launcher pod's v1.multus-cni.io/default-network annotation without format validation or...

4.9CVSS0.00155EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/26 4:0 p.m.8 views

CVE-2026-13434

A flaw was found in KubeVirt's network annotation generator. When a tenant creates a VirtualMachineInstance with a Multus network configuration, the supplied networkName value is written verbatim into the launcher pod's v1.multus-cni.io/default-network annotation without format validation or...

4.9CVSS5.9AI score0.00155EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-52848

Name of the Vulnerable Software and Affected Versions KubeVirt versions 1.8.0 and later Description A flaw exists in the network annotation generator. When a tenant creates a VirtualMachineInstance with a Multus network configuration, the networkName value is written directly into the launcher...

4.9CVSS5.8AI score0.00155EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 10:34 p.m.3 views

GO-2026-5526 OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation in github.com/openbao/openbao

OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation in github.com/openbao/openbao...

2.7CVSS5.8AI score0.00301EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 6:43 p.m.5 views

GO-2026-5304 OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/{revoke,renew} — incomplete fix of CVE-2026-45808 in github.com/openbao/openbao

OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/revoke,renew — incomplete fix of CVE-2026-45808 in github.com/openbao/openbao...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/06/25 6:43 p.m.7 views

GO-2026-5337 Kyverno: Cross-Namespace Read Bypasses RBAC Isolation (CVE-2026-22039 Incomplete Fix) in github.com/kyverno/kyverno

Kyverno: Cross-Namespace Read Bypasses RBAC Isolation CVE-2026-22039 Incomplete Fix in github.com/kyverno/kyverno...

7.7CVSS5.8AI score0.00516EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-51109

Summary OpenBao users with access to the sys/leases/revoke/:lease id endpoint in any namespace can revoke leases in any other namespace as long as the lease identifier is known to them, bypassing ACLs that should apply for cross-namespace revocations. Impact OpenBao's namespaces provide...

2.1CVSS5.8AI score
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/18 11:13 a.m.12 views

CVE-2026-55225

When the Strimzi cluster operator is deployed with watchAnyNamespace=true or a multi-namespace list, any namespace editor can set Kafka.spec.entityOperator.userOperator.watchedNamespace or topicOperator.watchedNamespace to an arbitrary namespace. The cluster operator then creates a Role granting...

8CVSS5.5AI score
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 5:25 p.m.29 views

CVE-2026-49824 Fission: Cross-namespace Environment reference via unvalidated EnvironmentRef in Function admission webhook

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, the Fission Function admission webhook pkg/webhook/function.go validated that spec.secrets.namespace and spec.configmaps.namespace...

8.5CVSS0.00223EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 5:25 p.m.23 views

CVE-2026-49824

Fission (Kubernetes-native serverless framework) prior to v1.24.0 allowed a cross-namespace environment reference via the Function admission webhook because spec.environment.namespace was not validated, unlike spec.secrets[].namespace and spec.configmaps[].namespace. The issue affects the Functio...

8.5CVSS5.4AI score0.00223EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 5:23 p.m.10 views

CVE-2026-49823 Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by...

7.7CVSS5.4AI score0.00265EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 5:23 p.m.33 views

CVE-2026-49823 Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by...

7.7CVSS0.00265EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 5:22 p.m.28 views

CVE-2026-49822 Fission: Cross-namespace event leakage via KubernetesWatchTrigger allows persistent tenant surveillance

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a low-privilege developer who could create a KubernetesWatchTrigger KWT in their own namespace was able to establish a persistent...

7.7CVSS0.00231EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 5:22 p.m.24 views

CVE-2026-49822

CVE-2026-49822 affects the Fission framework (Kubernetes-native serverless) prior to version 1.24.0. A low-privilege developer who could create a KubernetesWatchTrigger (KWT) in their own namespace could establish a persistent surveillance channel into other namespaces, enabling cross-namespace e...

7.7CVSS5.4AI score0.00231EPSS
Exploits0References3
Rows per page
Query Builder