CVE-2026-41323 - Vulnerability Analysis
HighCVSS: 8.1Last Updated: April 24, 2026
Kyverno - Authentication Bypass
Published: April 24, 2026Updated: April 24, 2026Remote Exploitable
Overview
Kyverno < 1.18.0-rc1, 1.17.2-rc1, 1.16.4 contains a broken authentication caused by automatic attachment of admission controller's ServiceAccount token to unvalidated apiCall URLs, letting attackers with control over the URL achieve full cluster compromise, exploit requires attacker-controlled service URL.
Severity & Score
Severity: High
CVSS Score: 8.1
Impact
Attackers can steal ServiceAccount tokens to patch webhook configurations, leading to full cluster compromise.
Mitigation
Upgrade to versions 1.18.0-rc1, 1.17.2-rc1, 1.16.4 or later.
References
- https://github.com/kyverno/kyverno/commit/bc4f91c4801b1eaa2edc0a14e2f1b0af8cf0c1f5
- https://github.com/kyverno/kyverno/commit/c2eab00033e635bda4e4efb58c1b472b41728bb6
- https://github.com/kyverno/kyverno/commit/f70e8ac1e7acd2e3844f9553e4a884f07f953de0
- https://github.com/kyverno/kyverno/security/advisories/GHSA-f9g8-6ppc-pqq4
Related Resources
Details
- CVE ID
- CVE-2026-41323
- Severity
- High
- CVSS Score
- 8.1
- Type
- broken_authentication
- Status
- new
CWE
- CWE-200
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N