QSearchQSearch

CVE-2026-42965

7.7 HIGH

A flaw was found in the OpenShift Router

Published: 2026-05-29 · Last updated: 2026-06-08

Severity and scoring

CVSS
7.7 HIGH
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CWE
CWE-918

Affected products

VendorProduct
redhatopenshift_container_platform, openshift_router

Description

A flaw was found in the OpenShift Router. A user with EndpointSlice write access can exploit this vulnerability by creating a Service backed by an FQDN (Fully Qualified Domain Name) EndpointSlice that resolves to a cloud metadata endpoint. This allows the router to proxy requests to the cloud metadata endpoint, leading to the disclosure of instance credentials and other sensitive metadata. This bypasses previous security measures for validating IP addresses.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-11793 A stack buffer overflow flaw was found in 389 Directory Server (4.9 MEDIUM)
  • CVE-2026-11790 A flaw was found in 389 Directory Server (4.9 MEDIUM)
  • CVE-2026-11789 A flaw was found in 389 Directory Server (4.9 MEDIUM)
  • CVE-2026-11788 A flaw was found in 389 Directory Server (5.9 MEDIUM)
  • CVE-2026-11787 A flaw was found in 389 Directory Server (5.0 MEDIUM)

Same CWE

  • CVE-2025-60175 Administrator Server Side Request Forgery (SSRF) in PopAd <= 1.0.4 versions (4.4 MEDIUM)
  • CVE-2026-12210 A vulnerability was detected in universal-tool-calling-protocol python-utcp 1.1.0 (6.3 MEDIUM)
  • CVE-2026-53827 OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action forwarding that allows model-controlled metadata ... (6.5 MEDIUM)
  • CVE-2026-47268 Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool (6.4 MEDIUM)
  • CVE-2026-46717 Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool (7.7 HIGH)