17 matches found
KubePi JwtSigKey - Admin Authentication Bypass
KubePi is a k8s panel. The jwt authentication function of KubePi through version 1.6.2 uses hard-coded Jwtsigkeys, resulting in the same Jwtsigkeys for all online projects. This means that an attacker can forge any jwt token to take over the administrator account of any online project. Furthermor...
EUVD-2025-7228
Malicious code in bioql PyPI...
CVE-2025-23260
NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure...
CVE-2025-23260
NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure...
CVE-2025-23260
CVE-2025-23260 involves NVIDIA AIStore’s AIS Operator. The Red Hat and NVIDIA-NS docs describe an issue where a user can gain elevated access to a Kubernetes cluster by abusing the ServiceAccount bound to the ClusterRole, potentially leading to information disclosure. Affected component is the AI...
PT-2025-26762
Name of the Vulnerable Software and Affected Versions: NVIDIA AIStore versions prior to 2.3.0 Description: The issue is related to a vulnerability in the AIS Operator of NVIDIA AIStore, where a user can gain elevated access to the k8s cluster by using the ServiceAccount attached to the ClusterRol...
CVE-2024-53349
Insecure permissions in kuadrant v0.11.3 allow attackers to gain access to the service account's token, leading to escalation of privileges via the secretes component in the k8s cluster...
GO-2024-2930 RKE credentials are stored in the RKE1 Cluster state ConfigMap in github.com/rancher/rke
When RKE provisions a cluster, it stores the cluster state in a configmap called "full-cluster-state" inside the "kube-system" namespace of the cluster itself. This cluster state object contains information used to set up the K8s cluster, which may include sensitive data...
Exploit for Embedded Malicious Code in Tukaani Xz
CVE-2024-3094 Basic POC to test CVE-2024-3094 vulnerability in...
CVE-2023-22463 KubePi's Hardcoded Jwtsigkeys allows malicious actor to login with a forged JWT token
KubePi is a k8s panel. The jwt authentication function of KubePi through version 1.6.2 uses hard-coded Jwtsigkeys, resulting in the same Jwtsigkeys for all online projects. This means that an attacker can forge any jwt token to take over the administrator account of any online project. Furthermor...
CVE-2023-22463 KubePi's Hardcoded Jwtsigkeys allows malicious actor to login with a forged JWT token
KubePi is a k8s panel. The jwt authentication function of KubePi through version 1.6.2 uses hard-coded Jwtsigkeys, resulting in the same Jwtsigkeys for all online projects. This means that an attacker can forge any jwt token to take over the administrator account of any online project. Furthermor...
CVE-2023-22463 KubePi's Hardcoded Jwtsigkeys allows malicious actor to login with a forged JWT token
KubePi is a k8s panel. The jwt authentication function of KubePi through version 1.6.2 uses hard-coded Jwtsigkeys, resulting in the same Jwtsigkeys for all online projects. This means that an attacker can forge any jwt token to take over the administrator account of any online project. Furthermor...
JwtSigKey hardcoded causes the k8s cluster to take over
Description The jwt authentication function of kubepi = v1.6.2 uses hard-coded Jwtsigkeys, resulting in the same Jwtsigkeys for all online projects. This means that an attacker can forge any jwt token to take over the administrator account of any online project. Further use the administrator to...
Exploit for Incomplete Internal State Distinction in Kubernetes
CVE-2021-25735 Exploit CVE-2021-25735: Kubernetes Validatin...
CDK - Zero Dependency Container Penetration Toolkit
CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily. Currently still unde...
CVE-2018-20321
An issue was discovered in Rancher 2 through 2.1.5. Any project member with access to the default namespace can mount the netes-default service account in a pod, and then use that pod to execute administrative privileged commands against the k8s cluster. This could be mitigated by isolating the...
CVE-2018-20321
An issue was discovered in Rancher 2 through 2.1.5. Any project member with access to the default namespace can mount the netes-default service account in a pod, and then use that pod to execute administrative privileged commands against the k8s cluster. This could be mitigated by isolating the...