Skip to main content

OpenShift AI EUVDEUVD-2026-21547

| CVE-2026-5483 CRITICAL
Insertion of Sensitive Information Into Sent Data (CWE-201)
2026-04-10 redhat GHSA-w59f-v72r-w493
9.9
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.9 CRITICAL
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
vuln.today AI
9.9 CRITICAL

Network-reachable endpoint exploitable by a low-priv authenticated dashboard user (PR:L, AC:L); the leaked SA token authenticates to the Kubernetes API, crossing a scope boundary (S:C) with full C/I/A impact on cluster resources.

3.1 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
Red Hat
8.5 HIGH
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

10
Analysis Updated
Jun 30, 2026 - 03:51 vuln.today
v5 (cvss_changed)
Analysis Updated
Jun 30, 2026 - 03:48 vuln.today
v4 (cvss_changed)
Analysis Updated
Jun 30, 2026 - 03:47 vuln.today
v3 (cvss_changed)
Analysis Updated
Jun 30, 2026 - 03:47 vuln.today
v2 (cvss_changed)
Severity Changed
Jun 30, 2026 - 03:24 NVD
HIGH CRITICAL
CVSS changed
Jun 30, 2026 - 03:24 NVD
8.5 (HIGH) 9.9 (CRITICAL)
Re-analysis Queued
Apr 21, 2026 - 19:52 vuln.today
cvss_changed
EUVD ID Assigned
Apr 10, 2026 - 18:00 euvd
EUVD-2026-21547
Analysis Generated
Apr 10, 2026 - 18:00 vuln.today
CVE Published
Apr 10, 2026 - 17:33 nvd
HIGH 8.5

DescriptionNVD

A flaw was found in odh-dashboard in Red Hat Openshift AI. This vulnerability in the odh-dashboard component of Red Hat OpenShift AI (RHOAI) allows for the disclosure of Kubernetes Service Account tokens through a NodeJS endpoint. This could enable an attacker to gain unauthorized access to Kubernetes resources.

AnalysisAI

Kubernetes Service Account token disclosure in the odh-dashboard component of Red Hat OpenShift AI (RHOAI) lets an authenticated low-privileged user retrieve SA tokens via an exposed NodeJS endpoint, then reuse them to reach Kubernetes resources beyond the dashboard's intended scope. Rated CVSS 9.9 with a changed scope, the flaw effectively converts limited dashboard access into broad cluster access. There is no public exploit identified at time of analysis and EPSS is very low (0.06%), but a vendor patch is already available via Red Hat errata.

Technical ContextAI

OpenShift AI (RHOAI) is Red Hat's machine-learning platform that runs on OpenShift/Kubernetes; odh-dashboard is its Node.js-based web frontend (derived from Open Data Hub). In Kubernetes, Service Account tokens are bearer credentials that the API server accepts for authentication and authorization - possession of a token grants whatever RBAC the associated SA holds. The root cause maps to CWE-201 (Insertion of Sensitive Information Into Sent Data): a dashboard backend endpoint returns SA token material to the client rather than keeping it server-side, exposing a credential that should never transit to the user. Because the leaked token authenticates directly to the Kubernetes API, the impact crosses a trust boundary from the application to the cluster control plane, which is reflected in the CVSS scope change (S:C).

RemediationAI

Apply the Red Hat fix by upgrading odh-dashboard / RHOAI to the patched releases shipped in the errata - Red Hat OpenShift AI 2.16 (patched image digest sha256:0a983da3...110341) and 3.3 (sha256:14ee2bbd...3293e); pull the updated operator/dashboard images per RHSA-2026:7397 (and related RHSA-2026:7403/7398/7404) at https://access.redhat.com/errata/RHSA-2026:7397 and the CVE page https://access.redhat.com/security/cve/CVE-2026-5483. Until patching is complete, reduce exposure by restricting network access to the odh-dashboard route (limit it to trusted networks/VPN or an authenticating reverse proxy) and tightening who holds dashboard access, since that limits which users can reach the leaking endpoint; as a containment measure, scope down RBAC on the affected Service Account(s) and rotate any SA tokens that may have been exposed so leaked credentials lose validity. Trade-offs: restricting the route or rotating tokens can disrupt legitimate data-science users and running workloads, so coordinate token rotation with workload owners. Track remediation against the Bugzilla record https://bugzilla.redhat.com/show_bug.cgi?id=2454764.

CVE-2025-1974 CRITICAL POC
9.8 Mar 25

A critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access

CVE-2026-45321 CRITICAL POC
9.6 May 12

Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio

CVE-2025-1098 HIGH POC
8.8 Mar 25

Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress

CVE-2025-24514 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingres

CVE-2025-1097 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-c

CVE-2020-8554 MEDIUM POC
6.3 Jan 21

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.exter

CVE-2025-55190 CRITICAL POC
9.9 Sep 04

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.9), this vulne

CVE-2018-18843 CRITICAL POC
10.0 Dec 04

The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4

CVE-2026-22039 CRITICAL POC
9.9 Jan 27

Kyverno Kubernetes policy engine prior to 1.x has a privilege escalation vulnerability (CVSS 9.9) allowing policy bypass

CVE-2024-42480 CRITICAL POC
9.9 Aug 12

Kamaji is the Hosted Control Plane Manager for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is rem

CVE-2023-28110 CRITICAL POC
9.9 Mar 16

Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, ref

CVE-2026-25996 CRITICAL POC
9.8 Feb 12

String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter

Vendor StatusVendor

Share

EUVD-2026-21547 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy