PT-2026-44721

Name of the Vulnerable Software and Affected Versions Capsule versions prior to 0.13.0 Description The Capsule Controller runs with cluster-admin privileges. A flaw exists in the HandleSection function within the internal/controllers/resources/processor.go file, where the processing logic for...

Improper Access Control

github.com/redhatinsights/runtimes-inventory-operator is vulnerable to improper access control. The vulnerability is due to a misconfigured internal proxy that attaches administrative credentials to all commands, which allows a standard user to send unauthorized commands and gain full cluster...

Red Hat OpenShift GitOps 安全漏洞

Red Hat OpenShift GitOps is an automated deployment service from Red Hat USA. A security vulnerability exists in Red Hat OpenShift GitOps that stems from a namespace administrator being able to create an ArgoCD custom resource to gain privileges, potentially leading to full control of the cluster...

EUVD-2025-10910

Malicious code in bioql PyPI...

CVE-2023-30622

Clusternet is a general-purpose system for controlling Kubernetes clusters across different environments. An issue in clusternet prior to version 0.15.2 can be leveraged to lead to a cluster-level privilege escalation. The clusternet has a deployment called cluster-hub inside the clusternet-syste...

Improper Privilege Management in Cilium

Impact If an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed, the attacker can leverage Cilium's Kubernetes service account to gain access to cluster privileges that are more permissive than what is minimally required to operate...

GHSA-FMRF-GVJP-5J5G Improper Privilege Management in Cilium

Impact If an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed, the attacker can leverage Cilium's Kubernetes service account to gain access to cluster privileges that are more permissive than what is minimally required to operate...