CVE-2026-23634 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Pepr is a type safe K8s middleware. Prior to 1.0.5 , Pepr defaults to a cluster-admin RBAC configuration and does not explicitly force or enforce least-privileg…
Unknown CVSS: -

CVE-2026-23634

Pepr is a type safe K8s middleware. Prior to 1.0.5 , Pepr defaults to a cluster-admin RBAC configuration and does not explicitly force or enforce least-privilege guidance for module authors. The default behavior exists to make the “getting started” experience smooth: new users can experiment with Pepr and create resources dynamically without needing to pre-configure RBAC. This vulnerability is fixed in 1.0.5.
Vendor
Defenseunicorns
Product
Pepr
CWE
CWE-272
Yayın Tarihi
2026-01-16 20:15:49
Güncelleme
2026-03-04 14:43:21
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-272 Pepr Defenseunicorns 2026

Referanslar

https://github.com/defenseunicorns/pepr/releases/tag/v1.0.5 https://github.com/defenseunicorns/pepr/security/advisories/GHSA-w54x-r83c-x79q