Skip to main content

Tigera Calico CVE-2026-41184

| EUVDEUVD-2026-32931 MEDIUM
Insertion of Sensitive Information into Log File (CWE-532)
2026-05-28 Tigera GHSA-9p7w-w5q6-mxj3
6.0
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
6.0 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Source Code Evidence Fetched
May 28, 2026 - 17:27 vuln.today
Analysis Generated
May 28, 2026 - 17:27 vuln.today
CVSS changed
May 28, 2026 - 17:22 NVD
6.0 (MEDIUM)

DescriptionCVE.org

In Calico, the install-cni init container logs the rendered CNI configuration to standard output. When the configuration template uses the __SERVICEACCOUNT_TOKEN__ placeholder (Canal/Flannel-Calico deployments), the installer substitutes the live Kubernetes ServiceAccount bearer token before logging, exposing the token to any authenticated user with pods/log permission in the namespace with calico-node. The token holds patch privileges on pods/status, enabling annotation-based attacks against cluster workloads. The default kubeconfig-based authentication path is not affected. This is a direct regression of TTA-2018-001.

AnalysisAI

Calico's install-cni init container leaks live Kubernetes ServiceAccount bearer tokens into pod logs when Canal/Flannel-Calico deployments use the __SERVICEACCOUNT_TOKEN__ placeholder, making the credential readable by any authenticated user with pods/log permission in the calico-node namespace. The exposed token carries patch privileges on pods/status, creating a lateral movement path via annotation-based attacks against cluster workloads. This is a confirmed regression of TTA-2018-001 reported by Tigera; no public exploit has been identified at time of analysis, though upstream patches are available via GitHub.

Technical ContextAI

CWE-532 (Insertion of Sensitive Information into Log File) is the root cause: the install-cni init container substitutes the __SERVICEACCOUNT_TOKEN__ placeholder with a live Kubernetes bearer token before writing the fully rendered CNI configuration to standard output via logrus. That stdout stream is captured as the init container's pod log, accessible to any principal with pods/log RBAC permission in the namespace. The flaw is specific to Canal/Flannel-Calico deployments using this token substitution path - the default kubeconfig-based authentication mode does not render or log the token and is explicitly confirmed unaffected. The affected product is identified via CPE cpe:2.3:a:tigera:calico:*:*:*:*:*:*:*:* covering all tracked Calico versions. The merged PR diff confirms the fix removes the fmt.Println(text) call that printed the full CNI config file contents, and replaces logrus calls in azure.go to emit only non-sensitive structured fields rather than the entire stdinData blob.

RemediationAI

Upstream fixes have been merged via GitHub PRs #12502 (https://github.com/projectcalico/calico/pull/12502), #12527 (https://github.com/projectcalico/calico/pull/12527), and #12526 (https://github.com/projectcalico/calico/pull/12526); however, an exact tagged release version incorporating these changes has not been independently confirmed from available data, so operators should monitor the Tigera advisory at https://www.tigera.io/security-bulletins/tta-2026-001/ for the authoritative patched release. As an immediate compensating control, operators can migrate Canal/Flannel-Calico nodes to kubeconfig-based authentication, which is confirmed unaffected - note this requires reconfiguring CNI templates and node restarts, so plan for maintenance windows. If migration is not immediately feasible, restrict pods/log RBAC access in the calico-node namespace to only trusted administrative principals; this trade-off may impede legitimate operator debugging workflows. Rotating any ServiceAccount tokens that may have been exposed in existing pod logs is also recommended regardless of patch status.

CVE-2025-1974 CRITICAL POC
9.8 Mar 25

A critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access

CVE-2026-45321 CRITICAL POC
9.6 May 12

Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio

CVE-2025-1098 HIGH POC
8.8 Mar 25

Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress

CVE-2025-24514 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingres

CVE-2025-1097 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-c

CVE-2020-8554 MEDIUM POC
6.3 Jan 21

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.exter

CVE-2025-55190 CRITICAL POC
9.9 Sep 04

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.9), this vulne

CVE-2018-18843 CRITICAL POC
10.0 Dec 04

The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4

CVE-2026-22039 CRITICAL POC
9.9 Jan 27

Kyverno Kubernetes policy engine prior to 1.x has a privilege escalation vulnerability (CVSS 9.9) allowing policy bypass

CVE-2024-42480 CRITICAL POC
9.9 Aug 12

Kamaji is the Hosted Control Plane Manager for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is rem

CVE-2023-28110 CRITICAL POC
9.9 Mar 16

Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, ref

CVE-2026-25996 CRITICAL POC
9.8 Feb 12

String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter

Share

CVE-2026-41184 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy