CVE-2026-25542
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.43.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, trusted resources verification policies match a resource source string refSource.URI against spec.resources.pattern...
GHSA-RMX9-2PP3-XHCR Tekton Pipelines has VerificationPolicy regex pattern bypass via substring matching
Hey guys. Triage contract: this is a first-screen summary; deterministic proof is in the proof bundle canonical.log/control.log/witness.txt. Summary: trusted resources verification policies match a resource source string refSource.URI against spec.resources.pattern using regexp.MatchString. In Go,...
CVE-2026-25542
Tekton Pipelines CVE-2026-25542 affects versions 0.43.0–1.11.0. The vulnerability arises because trusted resources verification policies compare refSource.URI against spec.resources[].pattern using Go’s regexp.MatchString, which reports a match if the pattern appears anywhere in the string. Unanc...
PT-2026-34001
Name of the Vulnerable Software and Affected Versions: Tekton Pipelines versions 0.43.0 through 1.11.0. Description: Trusted resources verification policies match a resource source string refSource.URI against spec.resources.pattern using the regexp.MatchString function. Because this function report...
CVE-2019-11748
WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This avoids the...