CVE-2026-22872
9.1 CRITICAL
Capsule is a multi-tenancy and policy-based framework for Kubernetes
Published: 2026-06-01 · Last updated: 2026-06-03
Severity and scoring
- CVSS: 9.1 CRITICAL
- Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- CWE: CWE-20, CWE-863
Affected products
| Vendor | Product |
|---|---|
| projectcapsule | capsule |
Description
Capsule is a multi-tenancy and policy-based framework for Kubernetes. The Capsule Controller runs with cluster-admin privileges. Although the TenantResource RawItems processing logic forcibly sets the namespace, this is ineffective for cluster-scoped resources. Prior to version 0.13.0, tenant administrators can leverage the Controller's elevated privileges to create cluster-scoped resources (such as ClusterRole and ValidatingWebhookConfiguration) that they cannot create directly, achieving cross-tenant privilege escalation and cluster-level attacks. The attack vector has a few limiting factors: it requires Tenant Owner privileges and requires the Capsule Controller to be running with cluster-admin privileges (the default configuration). Some clusters may also have additional admission controllers blocking malicious resources. Version 0.13.0 patches this issue.
Source: NVD
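A minimal audit of the pattern described above, added here as an illustration and not Capsule's own code or its 0.13.0 fix: it flags TenantResource rawItems whose kind is cluster-scoped, since forcing a namespace onto such an object has no effect. The spec layout (`spec.resources[].rawItems[]`), the API version, and the hard-coded set of cluster-scoped kinds are assumptions; a production check should resolve scope through API discovery.

```python
# Added audit helper (not Capsule project code). Assumes the TenantResource
# layout spec.resources[].rawItems[] and a hand-maintained set of cluster-scoped
# kinds; in a real check, derive scope from API discovery instead.
CLUSTER_SCOPED_KINDS = {
    "ClusterRole", "ClusterRoleBinding", "ValidatingWebhookConfiguration",
    "MutatingWebhookConfiguration", "CustomResourceDefinition", "Namespace",
    "PersistentVolume", "StorageClass", "PriorityClass",
}


def find_cluster_scoped_raw_items(tenant_resource):
    """Return (resource_index, item_index, kind) for each rawItem whose kind
    is cluster-scoped. Forcing metadata.namespace on such an item has no
    effect, so a controller applying it with cluster-admin would create a
    cluster-level object on the tenant owner's behalf."""
    findings = []
    resources = tenant_resource.get("spec", {}).get("resources", [])
    for r_idx, resource in enumerate(resources):
        for i_idx, item in enumerate(resource.get("rawItems", [])):
            kind = item.get("kind")
            if kind in CLUSTER_SCOPED_KINDS:
                findings.append((r_idx, i_idx, kind))
    return findings


def should_admit(tenant_resource):
    """Admission-style decision: deny if any rawItem is cluster-scoped."""
    return not find_cluster_scoped_raw_items(tenant_resource)


# Constructed sample object: one namespaced ConfigMap (harmless) and one
# ClusterRole that a tenant owner could not create directly.
SAMPLE_TENANT_RESOURCE = {
    "apiVersion": "capsule.clastix.io/v1beta2",  # assumed API version
    "kind": "TenantResource",
    "metadata": {"name": "example", "namespace": "tenant-a-ns"},
    "spec": {"resources": [{
        "namespaceSelector": {"matchLabels": {"team": "a"}},
        "rawItems": [
            {"apiVersion": "v1", "kind": "ConfigMap",
             "metadata": {"name": "cfg"}, "data": {"k": "v"}},
            {"apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole",
             "metadata": {"name": "example-clusterrole"}, "rules": []},
        ],
    }]},
}

if __name__ == "__main__":
    for r, i, kind in find_cluster_scoped_raw_items(SAMPLE_TENANT_RESOURCE):
        print(f"deny: spec.resources[{r}].rawItems[{i}] is cluster-scoped ({kind})")
```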
References
- [NVD] https://nvd.nist.gov/vuln/detail/CVE-2026-22872
- [Other] https://github.com/projectcapsule/capsule/releases/tag/v0.13.0
- [Vendor advisory] https://github.com/projectcapsule/capsule/security/advisories/GHSA-qjjm-7j9w-pw72
Related CVEs
Same vendor
- CVE-2026-30963 — Capsule is a multi-tenancy and policy-based framework for Kubernetes (3.9 LOW)
Same CWE
- CVE-2026-49219 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.5 MEDIUM)
- CVE-2026-49218 — ImageMagick is free and open-source software used for editing and manipulating digital images (7.5 HIGH)
- CVE-2024-21944 — Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a ... (5.3 MEDIUM)
- CVE-2026-53738 — Copy & Delete Posts through 1.5.4 lets any plugin-enabled non-admin role invoke every operation in the cdp_action_handling AJAX handler (8.1 HIGH)
- CVE-2026-48110 — Russh is a Rust SSH client & server library (7.5 HIGH)