| CVE-2026-40868 |
high |
8.1 |
8.1 |
|
|
|
1mo ago |
kyverno apicall servicecall implicit bearer token injection leaks kyverno serviceaccount token |
| CVE-2026-41485 |
unknown |
— |
— |
|
|
|
1mo ago |
Kyverno Controller Denial of Service via forEach Mutation Panic |
| CVE-2026-41323 |
unknown |
— |
— |
|
|
|
1mo ago |
Kyverno: ServiceAccount token leaked to external servers via apiCall service URL |
| CVE-2026-41068 |
unknown |
— |
— |
|
|
|
1mo ago |
Kyverno: Cross-Namespace Read Bypasses RBAC Isolation (CVE-2026-22039 Incomplete Fix) |
| CVE-2026-4789 |
unknown |
— |
— |
|
|
|
2mo ago |
Kyverno has SSRF via CEL http.Get/http.Post in NamespacedValidatingPolicy allows cross-namespace data access |
| CVE-2026-23881 |
unknown |
— |
— |
|
|
|
4mo ago |
Kyverno Denial of Service via Context Variable Amplification in Policy Engine in github.com/kyverno/kyverno |
| CVE-2026-22039 |
unknown |
— |
— |
|
|
|
4mo ago |
Kyverno Cross-Namespace Privilege Escalation via Policy apiCall in github.com/kyverno/kyverno |
| CVE-2025-47281 |
unknown |
— |
— |
|
|
|
10mo ago |
Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service in github.com/kyverno/kyverno |
| CVE-2025-46342 |
unknown |
— |
— |
|
|
|
1y ago |
Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements in github.com/kyverno/kyverno |
| CVE-2025-29778 |
unknown |
— |
— |
|
|
|
1y ago |
Kyverno ignores subjectRegExp and IssuerRegExp in github.com/kyverno/kyverno |
| CVE-2024-48921 |
unknown |
— |
— |
|
|
|
2y ago |
Kyverno's PolicyException objects can be created in any namespace by default in github.com/kyverno/kyverno |
| CVE-2023-42816 |
unknown |
— |
— |
|
|
|
2y ago |
Denial of service from malicious signature in kyverno in github.com/kyverno/kyverno |
| CVE-2023-42814 |
unknown |
— |
— |
|
|
|
2y ago |
Denial of service from malicious image manifest in kyverno in github.com/kyverno/kyverno |
| CVE-2023-42813 |
unknown |
— |
— |
|
|
|
2y ago |
Denial of service from malicious manifest in kyverno in github.com/kyverno/kyverno |
| CVE-2023-42815 |
unknown |
— |
— |
|
|
|
2y ago |
Denial of service from malicious image manifest in kyverno in github.com/kyverno/kyverno |
| CVE-2023-47630 |
unknown |
— |
— |
|
|
|
3y ago |
Attacker can cause Kyverno user to unintentionally consume insecure image in github.com/kyverno/kyverno |
| CVE-2023-34091 |
unknown |
— |
— |
|
|
|
3y ago |
Kyverno resource with a deletionTimestamp may allow policy circumvention in github.com/kyverno/kyverno |
| CVE-2023-33191 |
unknown |
— |
— |
|
|
|
3y ago |
kyverno seccomp control can be circumvented in github.com/kyverno/kyverno |
| CVE-2022-47633 |
unknown |
— |
— |
|
|
|
4y ago |
Verification rule bypass in github.com/kyverno/kyverno |