CVE-2026-4789 PUBLISHED

CVE-2026-4789

Assigner: certcc
Reserved: 24.03.2026 Published: 30.03.2026 Updated: 30.03.2026

Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions.

Product Status

Vendor Kyverno
Product Kyverno
Versions
  • Version 1.16.0 is affected

References

Problem Types

  • CWE-918 Server-Side Request Forgery (SSRF)