CVE-2026-23881

High CVSS: 7.7

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially amplify string data through context variables. Versions 1.16.3 and 1.15.3 contain a patch for the vulnerability.

Vendor

Kyverno

Product

Kyverno

CWE

CWE-770

Yayın Tarihi

2026-01-27 17:16:12

Güncelleme

2026-02-02 15:20:13

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-770 Kyverno HIGH Kyverno 2026

Referanslar

https://github.com/kyverno/kyverno/commit/7a651be3a8c78dcabfbf4178b8d89026bf3b850f https://github.com/kyverno/kyverno/commit/f5617f60920568a301740485472bf704892175b7 https://github.com/kyverno/kyverno/security/advisories/GHSA-r2rj-wwm5-x6mq

Benzer Kayıtlar

Critical

CVE-2026-4789

Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions.

Critical

CVE-2026-22039

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 hav…

High

CVE-2025-47281

Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial…

Medium

CVE-2025-29778

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyvern…