CVE-2026-15584
7.5
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes.
Affected Software
| Vendor | Product | Version Range | Status |
|---|
Weaknesses
- CWE-250: Execution with Unnecessary Privileges
References
- https://access.redhat.com/security/cve/CVE-2026-15584
- https://bugzilla.redhat.com/show_bug.cgi?id=2499647
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.