CVE-2026-50563
Published 2026-06-10
Priority P2 · 59 · critical · 9.9 (CVSS 3.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS: 0.27% (19.1th percentile)
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Container Executor path lets a tenant supply Function.spec.podspec directly; the executor merges it into the executor-built podspec and creates a Deployment whose pods run the user's container image. This issue has been patched in version 1.24.0.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fission | fission | < 1.24.0 | 1.24.0 |
| github.com | fission_fission | >= 0 < 1.24.0 | 1.24.0 |
GHSA · 2026-06-30
CVE-2026-50563 [CRITICAL] CWE-269: Fission Container Executor Function PodSpec Injection Leading to Node Escape
### Summary
Fission's Container Executor path lets a tenant supply `Function.spec.podspec` directly; the executor merges it into the executor-built podspec and creates a Deployment whose pods run the user's container image.
### Details
Two flaws compounded:
1. `pkg/apis/core/v1/validation.go::FunctionSpec.Validate` only checked that `spec.PodSpec != nil` when `executorType: container`; it did not inspect the content of `spec.PodSpec`.
2. `pkg/executor/util/merge.go::MergePodSpec` unconditionally forwarded `hostPID`, `hostNetwork`, `hostIPC`, hostPath volumes, `serviceAccountName`, and container `privileged` into the Deployment spec via the container-executor sink (`pkg/executor/executortype/container/deployme
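As an added example (not Fission's own code), a content check of the kind the first flaw lacked: it parses a tenant-supplied `spec.podspec` as JSON and reports every field the advisory lists, so the executor can refuse the Function before anything is merged. It assumes Kubernetes JSON field names and uses a narrow stand-in type in place of `corev1.PodSpec`.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Narrow stand-in for corev1.PodSpec with only the fields a tenant must not control
// (assumption: Kubernetes JSON names; encoding/json matches them case-insensitively, so no tags).
type container struct {
	Name            string
	SecurityContext *struct{ Privileged *bool }
}
type podSpec struct {
	HostPID, HostNetwork, HostIPC bool
	ServiceAccountName            string
	Volumes                       []struct{ HostPath map[string]any }
	Containers, InitContainers    []container
}
// ValidatePodSpec returns one finding per disallowed field (a parse error is the
// only finding); an empty result means the tenant podspec may be merged.
func ValidatePodSpec(raw []byte) []string {
	var ps podSpec
	if err := json.Unmarshal(raw, &ps); err != nil {
		return []string{"podspec is not valid JSON: " + err.Error()}
	}
	var findings []string
	add := func(cond bool, msg string) {
		if cond {
			findings = append(findings, msg)
		}
	}
	add(ps.HostPID, "hostPID must not be true")
	add(ps.HostNetwork, "hostNetwork must not be true")
	add(ps.HostIPC, "hostIPC must not be true")
	add(ps.ServiceAccountName != "", "serviceAccountName must not be set")
	for i, v := range ps.Volumes {
		add(v.HostPath != nil, fmt.Sprintf("volumes[%d] must not use hostPath", i))
	}
	// Init containers get the same rule: they run under the same pod-level settings.
	for _, c := range append(append([]container{}, ps.Containers...), ps.InitContainers...) {
		sc := c.SecurityContext
		add(sc != nil && sc.Privileged != nil && *sc.Privileged, fmt.Sprintf("container %q must not be privileged", c.Name))
	}
	return findings
}
func main() {
	// Constructed tenant podspec that sets several of the fields the advisory lists.
	spec := `{"hostPID":true,"volumes":[{"name":"logs","hostPath":{"path":"/var/log"}}],"containers":[{"name":"fn","securityContext":{"privileged":true}}]}`
	fmt.Println(ValidatePodSpec([]byte(spec))) // three findings; an empty list means accept
}
```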
VulDB · 2026-06-10 · CVSS 9.9
CVE-2026-50563 [CRITICAL] Fission up to 1.23.x privileges management (GHSA-v455-mv2v-5g92)
A vulnerability was found in Fission up to 1.23.x and has been rated as critical. The affected function is not identified. The manipulation causes improper privilege management.
This vulnerability is tracked as CVE-2026-50563. The attack can be carried out remotely. No exploit exists.
Upgrading the affected component is advised.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.