Lucene search
K

6 matches found

EUVD
EUVD
added 2026/04/24 3:14 a.m.6 views

EUVD-2026-25382

Kyverno is a policy engine designed for cloud native platform engineering teams. The patch for CVE-2026-22039 fixed cross-namespace privilege escalation in Kyverno's apiCall context by validating the URLPath field. However, the ConfigMap context loader has the identical vulnerability — the...

9.9CVSS7.5AI score0.00516EPSS
Exploits2References2
NVD
NVD
added 2026/04/15 10:17 p.m.11 views

CVE-2026-6388

A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in a multi-tenant environment, to bypass namespace boundaries. By exploiting insufficient validation, the attacker can trigger unauthorized image updates ...

9.1CVSS0.00357EPSS
Exploits0References3
CVE
CVE
added 2026/04/15 9:34 p.m.17 views

CVE-2026-6388

The CVE describes a vulnerability in ArgoCD Image Updater where a user with rights to create/modify an ImageUpdater in a multi-tenant environment can bypass namespace boundaries due to insufficient validation. This leads to cross-namespace privilege escalation and unauthorized image updates on ap...

9.1CVSS5.7AI score0.00357EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/15 9:34 p.m.19 views

CVE-2026-6388 Argocd-image-updater: argocd image updater: cross-namespace privilege escalation via insufficient namespace validation

A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in a multi-tenant environment, to bypass namespace boundaries. By exploiting insufficient validation, the attacker can trigger unauthorized image updates ...

9.1CVSS0.00357EPSS
Exploits0References2
OSV
OSV
added 2026/02/02 9:5 p.m.6 views

GO-2026-4381 Kyverno Cross-Namespace Privilege Escalation via Policy apiCall in github.com/kyverno/kyverno

Kyverno Cross-Namespace Privilege Escalation via Policy apiCall in github.com/kyverno/kyverno...

9.9CVSS5.2AI score0.00516EPSS
Exploits1References4
Veracode
Veracode
added 2017/05/02 7:6 a.m.10 views

Cross Namespace Escalation

github.com/kubernetes/kubernetes is vulnerable to cross namespace escalation attacks. A malicious user can submit a HPA request against another namespace that they have no permissions on and use it to manipulate resources...

6.8AI score
Exploits0
Rows per page
Query Builder