Skip to main content

Capsule CVE-2026-55636

MEDIUM
Incorrect Authorization (CWE-863)
2026-06-17 https://github.com/projectcapsule/capsule GHSA-gwxr-7h77-7777
5.7
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
5.7 MEDIUM
AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:L
vuln.today AI
6.5 MEDIUM

Non-admin namespaces/finalize RBAC suffices (PR:L), no victim interaction needed (UI:N), and impact is purely integrity - tenant label hijack with no confidentiality or availability consequence.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
Low

Lifecycle Timeline

2
Source Code Evidence Fetched
Jun 18, 2026 - 01:56 vuln.today
Analysis Generated
Jun 18, 2026 - 01:56 vuln.today

DescriptionGitHub Advisory

Summary

Capsule v0.13.2 webhook rules contain namespace/finalize (singular) instead of namespaces/finalize (plural). K8s requires plural. The finalize defense from CVE-2026-30963 fix is absent.

Details

PUT to /api/v1/namespaces/<ns>/finalize has resource=namespaces (plural). The singular rule never matches. matchPolicy: Equivalent does not compensate.

PoC

Confirmed on kind + Capsule v0.13.2. alice (non-admin with namespaces/finalize RBAC): kubectl label --as=alice = DENIED (control). kubectl replace --raw /finalize --as=alice = 200 OK (bypass). Tenant label changed.

Impact

Namespace tenant-label hijack. Same threat model as CVE-2026-30963. One-char fix: namespace/finalize -> namespaces/finalize. The CVE-2026-30963 fix in Capsule v0.13.2 added subresource entries to the namespace validating webhook, but charts/capsule/templates/configuration.yaml line 105 contains a singular/plural typo: namespace/finalize instead of namespaces/finalize. Kubernetes webhook rules require the plural resource name. The finalize subresource defense is entirely absent.

Details

In Kubernetes admission webhooks, rules.resources matches against the plural resource name. A PUT to /api/v1/namespaces/<ns>/finalize has resource=namespaces (plural). The rule namespace/finalize (singular) never matches any real API request.

The matchPolicy: Equivalent setting does NOT compensate (it handles API group/version variations, not resource name typos).

PoC

Confirmed on kind cluster + Capsule v0.13.2 (Helm chart):

bash
# Setup: alice with namespaces/finalize RBAC
kubectl apply -f - <<EOF
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: ns-finalize-updater
rules:
- apiGroups: [""]
-   resources: ["namespaces/finalize"]
-   verbs: ["update"]
- - apiGroups: [""]
-   resources: ["namespaces"]
-   verbs: ["get", "list"]
- EOF
- kubectl create clusterrolebinding alice-finalize --clusterrole=ns-finalize-updater --user=alice
# Control: normal label change DENIED
kubectl label namespace oil-prod capsule.clastix.io/tenant=evil --overwrite --as=alice
# Error: admission webhook denied
# Bypass: finalize changes tenant label (webhook NOT invoked)
kubectl get namespace oil-prod -o json > /tmp/ns.json
# modify tenant label to "hijacked"
kubectl replace --raw "/api/v1/namespaces/oil-prod/finalize" -f /tmp/ns_modified.json --as=alice
# 200 OK - tenant label changed

Impact

Namespace tenant-label hijack via the finalize subresource bypass. Same threat model as CVE-2026-30963. One-character fix needed: namespace/finalize -> namespaces/finalize.

AnalysisAI

Namespace tenant-label hijack in Capsule v0.13.0-0.13.5 allows an authenticated Kubernetes user with namespaces/finalize RBAC permission to bypass the validating admission webhook and overwrite tenant isolation labels via the finalize subresource. The root cause is a one-character typo in the Helm chart configuration - namespace/finalize (singular) instead of namespaces/finalize (plural) - rendering the CVE-2026-30963 patch in v0.13.2 entirely ineffective. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain namespaces/finalize RBAC grant
Delivery
Retrieve target namespace JSON via kubectl get
Exploit
Modify capsule.clastix.io/tenant label in JSON
Execution
PUT to /api/v1/namespaces/<ns>/finalize (webhook never invoked due to typo)
Impact
Tenant label hijacked on target namespace

Vulnerability AssessmentAI

Exploitation The attacker must hold a Kubernetes RBAC permission explicitly granting update (or equivalent) on the namespaces/finalize subresource - either through a ClusterRole or Role binding. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The provided CVSS vector (AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:L) warrants scrutiny. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker operating as a Kubernetes user or service account with a legitimately or maliciously obtained ClusterRole granting update on namespaces/finalize issues a kubectl replace --raw /api/v1/namespaces/oil-prod/finalize request with a modified namespace JSON containing an altered capsule.clastix.io/tenant label. Because the Capsule webhook rule misspells the resource as namespace/finalize (singular), the API server never invokes the webhook, and the finalize PUT succeeds with HTTP 200, reclassifying the namespace under an attacker-controlled tenant. …
Remediation Upgrade Capsule to version 0.13.6 via Helm chart update, which corrects the singular/plural typo to `namespaces/finalize` in charts/capsule/templates/configuration.yaml line 105. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2025-1974 CRITICAL POC
9.8 Mar 25

A critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access

CVE-2026-45321 CRITICAL POC
9.6 May 12

Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio

CVE-2025-1098 HIGH POC
8.8 Mar 25

Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress

CVE-2025-24514 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingres

CVE-2025-1097 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-c

CVE-2020-8554 MEDIUM POC
6.3 Jan 21

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.exter

CVE-2025-55190 CRITICAL POC
9.9 Sep 04

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.9), this vulne

CVE-2018-18843 CRITICAL POC
10.0 Dec 04

The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4

CVE-2026-22039 CRITICAL POC
9.9 Jan 27

Kyverno Kubernetes policy engine prior to 1.x has a privilege escalation vulnerability (CVSS 9.9) allowing policy bypass

CVE-2024-42480 CRITICAL POC
9.9 Aug 12

Kamaji is the Hosted Control Plane Manager for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is rem

CVE-2023-28110 CRITICAL POC
9.9 Mar 16

Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, ref

CVE-2026-25996 CRITICAL POC
9.8 Feb 12

String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter

Share

CVE-2026-55636 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy