CVE-2026-40868
Published 2026-04-21
Priority: P350 (high). CVSS 3.1 base score 8.1, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS: 0.29% (20.6th percentile)
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to 1.16.4, kyverno’s apiCall servicecall helper implicitly injects Authorization: Bearer ... using the kyverno controller serviceaccount token when a policy does not explicitly set an Authorization header. Because context.apiCall.service.url is policy-controlled, this can send the kyverno serviceaccount token to an attacker-controlled endpoint (confused deputy). Namespaced policies are blocked from servicecall usage by the namespaced urlPath gate in pkg/engine/apicall/apiCall.go, so this report is scoped to ClusterPolicy and global context usage. This vulnerability is fixed in 1.16.4.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | kyverno_kyverno | >= 0 < 1.17.0 | 1.17.0 |
| kyverno | kyverno | < 1.16.4 | 1.16.4 |
VulDB · 2026-04-21 · CVSS 8.1
CVE-2026-40868 [HIGH] Kyverno up to 1.16.3 API Call sensitive information
A vulnerability was found in Kyverno up to 1.16.3. It has been declared as critical. This issue affects some unknown processing of the component API Call Handler. The manipulation results in insecure storage of sensitive information.
This vulnerability is known as CVE-2026-40868. It is possible to launch the attack remotely. No exploit is available.
It is recommended to upgrade the affected component.
GHSA · 2026-04-14
CVE-2026-40868 [HIGH] CWE-441: kyverno apicall servicecall implicit bearer token injection leaks kyverno serviceaccount token
Kyverno's apiCall servicecall helper implicitly injects `Authorization: Bearer ...` using the kyverno controller serviceaccount token when a policy does not explicitly set an Authorization header. Because `context.apiCall.service.url` is policy-controlled, this can send the kyverno serviceaccount token to an attacker-controlled endpoint (confused deputy).
Namespaced policies are blocked from servicecall usage by the namespaced `urlPath` gate in `pkg/engine/apicall/apiCall.go`, so this report is scoped to ClusterPolicy and global context usage.
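The advisory's two conditions (a policy-controlled `apiCall.service.url` and no explicit `Authorization` header) are easy to audit for in existing ClusterPolicy and GlobalContextEntry objects, which is the check a cluster operator wants while rolling out 1.16.4. The script below is an added example, not Kyverno project code: it walks a Kubernetes object as a plain dict (however it was loaded), finds every `apiCall.service` entry, and reports those whose host is not an in-cluster Service and that set no Authorization header of their own. Assumptions, labelled in the code: in-cluster services are recognised by a `.svc` / `.svc.cluster.local` host suffix plus an optional allowlist; `service.headers` is a list of `{key, value}` mappings; the `apiVersion` values and the sample objects are constructed for illustration.

```python
"""Audit Kyverno ClusterPolicy / GlobalContextEntry objects for apiCall.service
targets outside the cluster. Before Kyverno 1.16.4 the controller's serviceaccount
token was injected implicitly unless the policy set its own Authorization header,
so such entries are the ones worth reviewing. Added example, not Kyverno code."""
from urllib.parse import urlparse

# Assumption: in-cluster Services are addressed by their .svc DNS names.
CLUSTER_LOCAL_SUFFIXES = (".svc", ".svc.cluster.local")


def is_cluster_local(url, allowed_hosts=()):
    """True when the URL's host is an in-cluster Service name or explicitly allowlisted."""
    host = (urlparse(url).hostname or "").lower()
    if host in {h.lower() for h in allowed_hosts}:
        return True
    return host.endswith(CLUSTER_LOCAL_SUFFIXES)


def sets_authorization(headers):
    """Assumption: headers is a list of {"key": ..., "value": ...} mappings.
    Any other shape is treated as 'no explicit Authorization header'."""
    if not isinstance(headers, list):
        return False
    return any(isinstance(h, dict) and str(h.get("key", "")).lower() == "authorization"
               for h in headers)


def iter_api_calls(node, path="$"):
    """Yield (json_path, apiCall_mapping) for every 'apiCall' key anywhere in the
    object, so one walk covers ClusterPolicy rule contexts and GlobalContextEntry specs."""
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            if key == "apiCall" and isinstance(value, dict):
                yield child, value
            else:
                yield from iter_api_calls(value, child)
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from iter_api_calls(item, f"{path}[{i}]")


def audit(obj, allowed_hosts=()):
    """Return findings for apiCall.service entries that point off-cluster and would
    receive the implicit bearer token. urlPath-style calls target the cluster API
    server, not an arbitrary service, and are skipped."""
    findings = []
    kind = obj.get("kind", "?")
    name = obj.get("metadata", {}).get("name", "?")
    for path, call in iter_api_calls(obj):
        service = call.get("service")
        if not isinstance(service, dict) or "url" not in service:
            continue
        url = service["url"]
        if not is_cluster_local(url, allowed_hosts) and not sets_authorization(service.get("headers")):
            findings.append({
                "kind": kind, "name": name, "path": path, "url": url,
                "reason": "off-cluster service URL with no explicit Authorization header; "
                          "controller serviceaccount token is sent implicitly before 1.16.4",
            })
    return findings


# Constructed sample objects (hosts use the reserved .invalid TLD).
SAMPLE_CLUSTER_POLICY = {
    "apiVersion": "kyverno.io/v1", "kind": "ClusterPolicy",
    "metadata": {"name": "constructed-example"},
    "spec": {"rules": [{
        "name": "check-images",
        "context": [
            {"name": "internal", "apiCall": {"service": {"url": "https://scanner.security.svc:8443/verify"}}},
            {"name": "k8s", "apiCall": {"urlPath": "/api/v1/namespaces"}},
            {"name": "external", "apiCall": {"service": {"url": "https://collector.example.invalid/hook"}}},
        ],
    }]},
}
SAMPLE_GLOBAL_CONTEXT_ENTRY = {  # apiVersion is an assumption for illustration
    "apiVersion": "kyverno.io/v2alpha1", "kind": "GlobalContextEntry",
    "metadata": {"name": "constructed-gce"},
    "spec": {"apiCall": {"service": {
        "url": "https://feed.example.invalid/data",
        "headers": [{"key": "Authorization", "value": "Bearer <placeholder-token>"}],
    }}},
}

if __name__ == "__main__":
    for finding in audit(SAMPLE_CLUSTER_POLICY) + audit(SAMPLE_GLOBAL_CONTEXT_ENTRY):
        print(f"{finding['kind']}/{finding['name']} {finding['path']}: {finding['url']} ({finding['reason']})")
```

Only the `external` context of the sample ClusterPolicy is reported: the `.svc` target is in-cluster, the `urlPath` call is not a service call, and the GlobalContextEntry sets its own Authorization header so nothing is injected for it. Feed real objects in with `kubectl get clusterpolicy,globalcontextentry -A -o json` and pass a deliberate allowlist of trusted external hosts to `audit`.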
## Attacker model
The attacker can create or update a ClusterPolicy (or create a GlobalContextEntry) which uses `context.apiCall.service.url` and can c
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.