CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

OSV•added 2026/02/03 8:42 a.m.•1 views

BIT-KYVERNO-2026-22039 Kyverno Cross-Namespace Privilege Escalation via Policy apiCall

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...

9.9CVSS5.6AI score0.00026EPSS

Exploits1References4

Vulnrichment•added 2026/01/27 4:7 p.m.•2 views

CVE-2026-22039 Kyverno Cross-Namespace Privilege Escalation via Policy apiCall

9.9CVSS5.9AI score0.00026EPSS

Exploits1References3

Cvelist•added 2026/01/27 4:7 p.m.•17 views

CVE-2026-22039 Kyverno Cross-Namespace Privilege Escalation via Policy apiCall

9.9CVSS0.00026EPSS

Exploits1References3

OSV•added 2026/01/27 4:7 p.m.•5 views

CVE-2026-22039 Kyverno Cross-Namespace Privilege Escalation via Policy apiCall

9.9CVSS5.9AI score0.00026EPSS

Exploits1References5

CNNVD•added 2026/01/27 12:0 a.m.•2 views

Kyverno code-related vulnerabilities

Kyverno is an open-source policy engine designed for Kubernetes by Kyverno developers. Versions of Kyverno prior to 1.16.3 and 1.15.3 contained code vulnerabilities. These vulnerabilities stemmed from an authorization bypass in the “Kyverno Policy apiCall” namespace, which could lead to...

9.9CVSS7.5AI score0.00026EPSS

Exploits1References4

Positive Technologies•added 2026/01/27 12:0 a.m.•4 views

PT-2026-4953

Name of the Vulnerable Software and Affected Versions Kyverno versions prior to 1.16.3 and 1.15.3 Description Kyverno, a policy engine for cloud native platform engineering teams, contains a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is...

9.9CVSS6AI score0.00026EPSS

Exploits1References165

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by