6 matches found
EUVD-2026-25382
Kyverno is a policy engine designed for cloud native platform engineering teams. The patch for CVE-2026-22039 fixed cross-namespace privilege escalation in Kyverno's apiCall context by validating the URLPath field. However, the ConfigMap context loader has the identical vulnerability — the...
CVE-2026-6388
A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in a multi-tenant environment, to bypass namespace boundaries. By exploiting insufficient validation, the attacker can trigger unauthorized image updates ...
CVE-2026-6388
The CVE describes a vulnerability in ArgoCD Image Updater where a user with rights to create/modify an ImageUpdater in a multi-tenant environment can bypass namespace boundaries due to insufficient validation. This leads to cross-namespace privilege escalation and unauthorized image updates on ap...
CVE-2026-6388 Argocd-image-updater: argocd image updater: cross-namespace privilege escalation via insufficient namespace validation
A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in a multi-tenant environment, to bypass namespace boundaries. By exploiting insufficient validation, the attacker can trigger unauthorized image updates ...
GO-2026-4381 Kyverno Cross-Namespace Privilege Escalation via Policy apiCall in github.com/kyverno/kyverno
Kyverno Cross-Namespace Privilege Escalation via Policy apiCall in github.com/kyverno/kyverno...
Cross Namespace Escalation
github.com/kubernetes/kubernetes is vulnerable to cross namespace escalation attacks. A malicious user can submit a HPA request against another namespace that they have no permissions on and use it to manipulate resources...