Severity by source
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N
Lifecycle Timeline
3DescriptionCVE.org
In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field is only URL-encoded without validating the target address. More critically, when kubeconfiggenerator uses wget to download charts, the chartURL is directly concatenated into the command, allowing attackers to inject wget's --header option to achieve arbitrary HTTP header injection.
AnalysisAI
KubePlus 4.1.4 allows server-side request forgery (SSRF) and arbitrary HTTP header injection through improperly validated chartURL fields in ResourceComposition resources. The mutating webhook and kubeconfiggenerator components concatenate user-supplied chartURL values directly into wget command invocations without proper escaping, enabling attackers to inject wget options such as --header to forge HTTP requests or exfiltrate sensitive data. No patch version information is currently available, and exploitation status remains unconfirmed from authoritative sources.
Technical ContextAI
KubePlus is a Kubernetes extension framework that manages ResourceComposition objects. The vulnerability resides in two components: the mutating webhook, which processes ResourceComposition specifications, and the kubeconfiggenerator tool, which downloads Helm charts specified via the chartURL field. The root cause involves inadequate input validation and unsafe command construction-the chartURL is URL-encoded but not validated against a whitelist of allowed hosts or protocols, and critically, is concatenated directly into a shell command executing wget. This allows command injection via wget's command-line argument syntax. The SSRF vector permits requests to internal Kubernetes services, cloud metadata endpoints, or other restricted network resources. The HTTP header injection vector enables attackers to manipulate request headers, potentially bypassing authentication, cache poisoning, or exfiltrating data through response headers.
RemediationAI
No vendor-released patch identified at time of analysis. Organizations should immediately audit deployments of KubePlus 4.1.4 to determine exposure and contact the KubePlus project maintainers for patched version availability. As interim mitigations, restrict network access to kubeconfiggenerator endpoints using network policies, disable or remove the mutating webhook if not actively required, and implement input validation at the Kubernetes API level to reject ResourceComposition objects with suspicious chartURL values (those pointing to private IP ranges, localhost, or containing shell metacharacters). Refer to the public PoC and advisory at https://github.com/b0b0haha/CVE-2026-29954/blob/main/README.md and https://gist.github.com/b0b0haha/33baea60fd2a847f11f1fb02e43c64c0 for detailed exploitation mechanics and potential detection signatures.
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-17133
GHSA-wh9f-6qqx-hhhv