CVE-2026-34940P2HIGHCVSS 8.8fixed in 0.23.22026-04-06
CVE-2026-34940 [HIGH] CWE-78 CVE-2026-34940: KubeAI is an AI inference operator for kubernetes. Prior to 0.23.2, the ollamaStartupProbeScript() f
KubeAI is an AI inference operator for kubernetes. Prior to 0.23.2, the ollamaStartupProbeScript() function in internal/modelcontroller/engine_ollama.go constructs a shell command string using fmt.Sprintf with unsanitized model URL components (ref, modelParam). This shell command is executed via bash -c as a Kubernetes startup probe. An attacker who ca
nvd