Threat Advisory

Fleet Vulnerability Exposes Cluster Credentials Bypass

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

A critical vulnerability has been identified in the Helm deployment mechanism of the container management platform, specifically impacting multi-tenant environments. The flaw arises from a failure to consistently apply ServiceAccount impersonation during specific template rendering and value retrieval operations. With a CVSS score of 9.9, this vulnerability allows unauthorized users with repository access to bypass restricted boundaries and access sensitive data across downstream clusters. The failure to enforce least-privilege access during these operations presents a significant risk to the integrity and confidentiality of the entire cluster environment.

CVE-2026-41050: This vulnerability involves an improper authorization check within the Helm template engine and the value retrieval process. Affected components fail to utilize the restricted ServiceAccount credentials, instead defaulting to high-privilege cluster-admin permissions during API queries and secret lookups. The impact is a complete bypass of the multi-tenant isolation boundary, enabling an attacker to read secrets and configurations from any namespace.

The exploitation risk is considered critical, as it requires only standard git push access to a monitored repository to compromise sensitive cluster resources. The exploitation of this flaw can lead to the non-deterministic exposure of external service credentials and sensitive administrative data. Organizations utilizing multi-tenant configurations must prioritize remediation to prevent the unauthorized exfiltration of cluster-wide secrets.
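As an added illustration of the defensive check this implies (not code from the advisory or the Fleet project), the following Python scans Kubernetes audit events for Secret and ConfigMap reads performed by the Fleet controller without an `impersonatedUser`, which is the signature of the impersonation gap described above. The controller's ServiceAccount name and the sample events are assumptions constructed for this example, and an audit policy that logs `secrets` at Metadata level or higher is required.

```python
import json

# Assumed Fleet controller identity (an assumption for this example; check your install).
FLEET_CONTROLLER = "system:serviceaccount:cattle-fleet-system:fleet-controller"
WATCHED_RESOURCES = {"secrets", "configmaps"}
READ_VERBS = {"get", "list", "watch"}


def is_unimpersonated_read(event, allowed_namespaces=frozenset()):
    """True when the Fleet controller reads a Secret/ConfigMap under its own
    high-privilege identity, i.e. the audit event carries no impersonatedUser."""
    if event.get("user", {}).get("username") != FLEET_CONTROLLER:
        return False
    ref = event.get("objectRef", {})
    if event.get("verb") not in READ_VERBS or ref.get("resource") not in WATCHED_RESOURCES:
        return False
    if ref.get("namespace") in allowed_namespaces:
        return False  # e.g. the controller's own git/helm credential secrets
    return "impersonatedUser" not in event


def find_unimpersonated_reads(audit_lines, allowed_namespaces=frozenset()):
    """Scan JSON-lines audit output; return (timestamp, verb, namespace, name) per hit."""
    hits = []
    for line in audit_lines:
        if not line.strip():
            continue
        ev = json.loads(line)
        if is_unimpersonated_read(ev, allowed_namespaces):
            ref = ev.get("objectRef", {})
            hits.append((ev.get("requestReceivedTimestamp"), ev["verb"],
                         ref.get("namespace"), ref.get("name")))
    return hits


# Constructed sample audit events (Metadata level); not real cluster logs.
SAMPLE_AUDIT = [
    # Tenant-scoped read done correctly via impersonation: not flagged.
    json.dumps({"verb": "get", "user": {"username": FLEET_CONTROLLER},
                "impersonatedUser": {"username": "system:serviceaccount:fleet-default:tenant-a"},
                "objectRef": {"resource": "secrets", "namespace": "tenant-a", "name": "app-values"},
                "requestReceivedTimestamp": "2026-01-01T10:00:00Z"}),
    # Cross-namespace Secret read with the controller's own identity: flagged.
    json.dumps({"verb": "get", "user": {"username": FLEET_CONTROLLER},
                "objectRef": {"resource": "secrets", "namespace": "tenant-b", "name": "db-creds"},
                "requestReceivedTimestamp": "2026-01-01T10:00:01Z"}),
    # Read of a non-secret resource: not flagged.
    json.dumps({"verb": "list", "user": {"username": FLEET_CONTROLLER},
                "objectRef": {"resource": "gitrepos", "namespace": "fleet-default"},
                "requestReceivedTimestamp": "2026-01-01T10:00:02Z"}),
]
```

The controller legitimately reads its own git and Helm credential secrets without impersonation, so expect baseline hits in Fleet's own namespaces and pass those to `allowed_namespaces` rather than treating every hit as an incident.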

RECOMMENDATION:

  • We recommend updating Fleet to version 0.11.13, 0.12.14, 0.13.10, 0.14.5, or 0.15.1, or Rancher to version 2.10.11, 2.11.13, 2.12.9, 2.13.5, or 2.14.1.

REFERENCES:

The following reports contain further technical details:
https://github.com/advisories/GHSA-765j-qfrp-hm3j
