Known vulnerabilities affecting Kubernetes products and systems
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-7163 | A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with minimal namespace-scop... | 5.5 | 125 | Neutral | No | Yes |
| CVE-2026-4740 | A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluster Management (ACM). Improper validation of Kubernetes client certificate renewal allows a managed cl... | 8.2 | 587 | Neutral | Yes | Yes |
| CVE-2026-4342 | A security issue was discovered in ingress-nginx where a combination of Ingress annotations can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of ... | 8.8 | 630 | Neutral | No | Yes |
| CVE-2026-41246 | Impact: Contour's [Cookie Rewriting](https://projectcontour.io/docs/1.33/config/cookie-rewriting/) feature is vulnerable to Lua code injection. An attacker with RBAC permissions to create or modif... | 8.1 | 639 | Neutral | No | Yes |
| CVE-2026-39884 | Summary: The `port_forward` tool in `mcp-server-kubernetes` constructs a kubectl command as a string and splits it on spaces before passing to `spawn()`. Unlike all other tools in the codebase whic... | 8.1 | 476 | Neutral | No | Yes |
| CVE-2026-34992 | Impact: This is a missing encryption vulnerability (CWE-311) affecting inter-Node Pod traffic. In Antrea clusters configured for dual-stack networking with IPsec encryption enabled (`trafficEncrypt... | 7.5 | 386 | Neutral | No | Yes |
| CVE-2026-34940 | CHAMP: Description. Summary: The `ollamaStartupProbeScript()` function in `internal/modelcontroller/engine_ollama.go` constructs a shell command string using `fmt.Sprintf` with unsanitized mode... | 8.8 | 809 | Neutral | Yes | Yes |
| CVE-2026-33105 | Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network. | 9.8 | 653 | Neutral | No | Yes |
| CVE-2026-3288 | A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/rewrite-target` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary co... | 8.8 | 740 | Neutral | Yes | No |
| CVE-2026-32828 | Summary: Kargo's built-in `http` and `http-download` promotion steps execute outbound HTTP requests from the Kargo controller. By design, these steps do not restrict destination addresses, as there... | 4.9 | 226 | Neutral | No | Yes |
| CVE-2026-32254 | kube-router Proxy Module Does Not Validate ExternalIPs or LoadBalancer IPs Against Configured Ranges. Summary: This issue primarily affects multi-tenant clusters where untrusted users are granted... | 7.1 | 348 | Neutral | No | Yes |
| CVE-2026-32241 | Background: The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. This backend uses shell commands stored in Kubernetes annotations... | 8.8 | 708 | Neutral | No | Yes |
| CVE-2026-27112 | Summary: The batch resource creation endpoints of both Kargo's legacy gRPC API and newer REST API accept multi-document YAML payloads. When either endpoint creates a `Project` resource, creation of... | 9.9 | 649 | Neutral | No | Yes |
| CVE-2026-27111 | Summary: Kargo's authorization model includes a `promote` verb -- a non-standard Kubernetes ["dolphin verb"](https://www.aquasec.com/blog/kubernetes-verbs/) -- that gates the ability to advance `Fr... | 5.0 | 175 | Neutral | No | Yes |
| CVE-2026-25804 | Impact: Antrea's network policy priority assignment system has a uint16 arithmetic overflow bug that causes incorrect OpenFlow priority calculations when handling a large number of policies with ... | 9.1 | 568 | Neutral | No | Yes |
| CVE-2026-25750 | Langchain Helm Charts are Helm charts for deploying Langchain applications on Kubernetes. Prior to langchain-ai/helm version 0.12.71, a URL parameter injection vulnerability existed in LangSmith Studi... | 8.1 | 476 | Neutral | No | Yes |
| CVE-2026-25538 | Devtron Attributes API Unauthorized Access Leading to API Token Signing Key Leakage. Summary: This vulnerability exists in Devtron's Attributes API interface, allowing any authenticated user (inc... | 8.8 | 609 | Neutral | No | Yes |
| CVE-2026-24748 | Impact: A bug was found with authentication checks on the `GetConfig()` API endpoint. This allowed unauthenticated users to access this endpoint by specifying an `Authorization` header with any no... | 7.2 | 394 | Neutral | No | Yes |
| CVE-2026-22549 | A vulnerability exists in F5 BIG-IP Container Ingress Services that may allow excessive permissions to read cluster secrets. Note: Software versions which have reached End of Technical Support (EoTS)... | 4.9 | 97 | Neutral | No | Yes |
| CVE-2025-70849 | Arbitrary File Upload in podinfo through 6.9.0 allows unauthenticated attackers to upload arbitrary files via a crafted POST request to the /store endpoint. The application renders uploaded content without... | 6.1 | 395 | Neutral | Yes | Yes |