Kyverno SSRF: Breaking Kubernetes Namespace Isolation (CVE-2026-4789)
Complete Cloud Security in Minutes – Orca Security
2026-04-10 07:05:47
A critical SSRF (Server-Side Request Forgery, where an attacker tricks a server into making HTTP requests on their behalf) vulnerability affects Kyverno versions 1.16.0 and later. Users with namespace-scoped permissions can make arbitrary HTTP requests from the Kyverno admission controller pod, bypassing Kubernetes RBAC entirely. This enables access to internal cluster services, cross-namespace data theft, […]
The post Kyverno SSRF: Breaking Kubernetes Namespace Isolation (CVE-2026-4789) appeared first on Orca Security.