EXECUTIVE SUMMARY:
Two vulnerabilities have been identified in Omni, the Sidero Labs cluster management platform. The issues include an information-disclosure flaw that allows a Reader-level user to retrieve the full CA private key bundle of imported Talos clusters, and a TOCTOU race condition that permits replay of a supposedly single-use SAML session token. These weaknesses can be leveraged to obtain unauthorized access to Kubernetes, Talos, and etcd APIs or to impersonate legitimate users, potentially leading to full control of workloads, credential theft, and service interruption. Organizations relying on Omni for multi-cluster orchestration face heightened risk of data compromise and operational disruption.
CVE-2026-45726 with a CVSS score of 7.6 – This vulnerability allows a Reader-level user in Omni to read the ImportedClusterSecrets resource and obtain the full CA private key bundle for an imported Talos cluster; exploitation requires that an imported cluster exists and its secrets have not been rotated, and the attacker only needs read-only access to the Omni API.
CVE-2026-45720 with a CVSS score of 7.0 – This flaw is a TOCTOU race condition in the SAML session handling where concurrent requests can both see a token as unused and succeed, enabling an attacker who has intercepted a valid saml-session token to replay it multiple times and act as the victim; the prerequisite is possession of the one-time token, typically via network interception or browser compromise.
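The first issue is an authorization-granularity problem: a resource that carries private key material was readable under the same rule as ordinary cluster metadata. The Go example below is added here for illustration and is not Omni's code or Sidero Labs' fix; the role names (Reader, Operator, Admin), the resource labels, the policy table and the sample secret are all assumptions. It contrasts a per-verb check, under which any Reader can fetch the secret, with a per-resource minimum role that denies by default plus a redaction step on the response path for callers below Admin.

```go
package main

import (
	"errors"
	"fmt"
)

// Role is an ordered privilege level; a higher value includes the lower ones.
// The role set is assumed for this example, not taken from the product.
type Role int

const (
	Reader Role = iota
	Operator
	Admin
)

// Resource labels are hypothetical; only ImportedClusterSecrets is named in
// the advisory.
const (
	ResImportedCluster        = "ImportedCluster"
	ResImportedClusterSecrets = "ImportedClusterSecrets"
)

// ImportedClusterSecrets models the imported Talos cluster's CA bundle.
type ImportedClusterSecrets struct {
	ClusterID    string
	CACert       string // public certificate, safe for any reader
	CAPrivateKey string // must never reach a read-only principal
}

var ErrForbidden = errors.New("forbidden")

// Vulnerable policy: the decision depends on the verb alone, so every
// resource, secrets included, is readable by anyone holding Reader.
func readAllowedPerVerbOnly(r Role) bool { return r >= Reader }

// Hardened policy: a per-resource minimum role, deny by default. Secret-bearing
// resources are classified explicitly so a new resource type cannot silently
// inherit a permissive default. The thresholds are an assumed policy.
var minReadRole = map[string]Role{
	ResImportedCluster:        Reader,
	ResImportedClusterSecrets: Operator,
}

// AuthorizeRead returns ErrForbidden for unknown resources and for callers
// below the resource's minimum role.
func AuthorizeRead(r Role, resource string) error {
	min, ok := minReadRole[resource]
	if !ok || r < min {
		return ErrForbidden
	}
	return nil
}

// ReadSecretsVulnerable hands the full object, private key included, to any
// caller that passes the verb-only check.
func ReadSecretsVulnerable(r Role, s ImportedClusterSecrets) (ImportedClusterSecrets, error) {
	if !readAllowedPerVerbOnly(r) {
		return ImportedClusterSecrets{}, ErrForbidden
	}
	return s, nil
}

// RedactForRole strips private key material on the response path for any
// caller below Admin; it is applied regardless of the policy table so a
// misconfigured table alone cannot leak the key.
func RedactForRole(r Role, s ImportedClusterSecrets) ImportedClusterSecrets {
	if r < Admin {
		s.CAPrivateKey = "[redacted]"
	}
	return s
}

// ReadSecretsHardened applies the per-resource policy and then redaction.
func ReadSecretsHardened(r Role, s ImportedClusterSecrets) (ImportedClusterSecrets, error) {
	if err := AuthorizeRead(r, ResImportedClusterSecrets); err != nil {
		return ImportedClusterSecrets{}, err
	}
	return RedactForRole(r, s), nil
}

func main() {
	// Constructed sample; not a real key.
	s := ImportedClusterSecrets{ClusterID: "demo", CACert: "CERT-PEM", CAPrivateKey: "PRIVATE-KEY-PEM"}
	for _, r := range []Role{Reader, Operator, Admin} {
		v, _ := ReadSecretsVulnerable(r, s)
		h, err := ReadSecretsHardened(r, s)
		fmt.Printf("role=%d vulnerable key=%q hardened key=%q err=%v\n", r, v.CAPrivateKey, h.CAPrivateKey, err)
	}
}
```

Running it prints the private key for every role on the vulnerable path, while the hardened path refuses the Reader outright, gives the Operator the certificate with the key redacted, and returns the full bundle only to Admin.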
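The second issue is the classic check-then-act race on a one-time token: the "is this token unused?" lookup and the "mark it used" write are separate steps, so two requests that both perform the lookup before either performs the write are both accepted. The Go example below is an added illustration, not Omni's session code or the upstream fix; the store layout, the function names and the constructed token value are assumptions. It models the unlucky interleaving deterministically for the vulnerable pattern and shows the hardened test-and-set, where lookup and write happen under one lock so that exactly one of any number of concurrent requests wins.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
	"sync/atomic"
)

// SessionStore holds one-time session tokens; a token is valid until it has
// been consumed exactly once. The layout is assumed for this example.
type SessionStore struct {
	mu   sync.Mutex
	used map[string]bool // token -> already consumed?
}

// NewSessionStore registers the given tokens as issued and unused.
func NewSessionStore(tokens ...string) *SessionStore {
	s := &SessionStore{used: make(map[string]bool)}
	for _, t := range tokens {
		s.used[t] = false
	}
	return s
}

var ErrInvalidToken = errors.New("token unknown or already used")

// --- Vulnerable pattern: check and mark as two separate operations ---

// IsUnused only reads state.
func (s *SessionStore) IsUnused(token string) bool {
	s.mu.Lock()
	defer s.mu.Unlock()
	used, ok := s.used[token]
	return ok && !used
}

// MarkUsed only writes state.
func (s *SessionStore) MarkUsed(token string) {
	s.mu.Lock()
	defer s.mu.Unlock()
	s.used[token] = true
}

// RacyExchange is the check-then-act handler. Each step is individually
// locked, but between them another request can observe the same token as
// unused and also be accepted.
func (s *SessionStore) RacyExchange(token string) error {
	if !s.IsUnused(token) {
		return ErrInvalidToken
	}
	s.MarkUsed(token) // window: requests that checked before this write also pass
	return nil
}

// InterleavedRacyExchange replays the worst-case scheduling of RacyExchange:
// n requests carrying the same token all run the check step before any of
// them runs the mark step. It returns how many requests were accepted.
func InterleavedRacyExchange(s *SessionStore, token string, n int) int {
	passed := 0
	for i := 0; i < n; i++ {
		if s.IsUnused(token) {
			passed++
		}
	}
	for i := 0; i < passed; i++ {
		s.MarkUsed(token)
	}
	return passed
}

// --- Hardened pattern: test-and-set under a single critical section ---

// ConsumeOnce looks the token up and marks it used while holding the lock,
// so the decision and the state change are atomic with respect to each other.
func (s *SessionStore) ConsumeOnce(token string) error {
	s.mu.Lock()
	defer s.mu.Unlock()
	used, ok := s.used[token]
	if !ok || used {
		return ErrInvalidToken
	}
	s.used[token] = true
	return nil
}

// ConcurrentConsumeOnce fires n goroutines presenting the same token to the
// hardened path and returns how many were accepted.
func ConcurrentConsumeOnce(s *SessionStore, token string, n int) int {
	var wg sync.WaitGroup
	var accepted int32
	for i := 0; i < n; i++ {
		wg.Add(1)
		go func() {
			defer wg.Done()
			if s.ConsumeOnce(token) == nil {
				atomic.AddInt32(&accepted, 1)
			}
		}()
	}
	wg.Wait()
	return int(accepted)
}

func main() {
	const tok = "session-token-demo" // constructed value
	fmt.Println("check-then-mark, 3 interleaved requests accepted:", InterleavedRacyExchange(NewSessionStore(tok), tok, 3))
	fmt.Println("atomic consume, 50 concurrent requests accepted:", ConcurrentConsumeOnce(NewSessionStore(tok), tok, 50))
}
```

The same principle applies when the store is a database rather than an in-process map: the consume step should be one conditional write (for example an update guarded by "where used = false" that reports how many rows it changed) rather than a select followed by an update.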
RECOMMENDATION:
REFERENCES:
The following reports contain further technical details:
https://github.com/advisories/GHSA-wv8c-6mx2-xf4j
https://github.com/advisories/GHSA-5x9f-6vg5-qg4m