Kyverno Policy Engine Flaw Leaks Service Account Tokens
The National Vulnerability Database has disclosed CVE-2026-40868, a high-severity vulnerability (CVSS 8.1) in Kyverno, a policy engine for Kubernetes and other cloud-native environments. Before version 1.16.4, Kyverno's apiCall servicecall helper implicitly attached the Kyverno controller's service account token to outbound API calls whenever the policy did not set an explicit Authorization header.
Concretely, any ClusterPolicy or global context entry that used context.apiCall.service.url without an Authorization header caused Kyverno to send its own bearer token to whatever endpoint that URL resolved to, including one an attacker controls. This is a confused deputy: Kyverno presents a credential the policy author never supplied, because the helper implicitly trusts the call target. The issue is fixed in Kyverno 1.16.4.
This is not a remote exploit; the impact is gated on who can influence the call target. Anyone able to author or edit such a policy, or to control the host a policy's URL points at, receives a live token for the Kyverno controller, whose RBAC is typically broad, and can replay it against the Kubernetes API to read or change cluster state. That is the path from a token leak to unauthorized access and privilege escalation. The lesson for defenders is that implicit credential injection is a default to audit, not a convenience to rely on.
What This Means For You
- If you run Kyverno, upgrade to 1.16.4 or later. Until you can, inventory every `ClusterPolicy` and global context entry that uses `context.apiCall.service.url` and either set an explicit `Authorization` header on the call or remove it; with no header, the controller token goes to the target. If any such policy pointed at an endpoint you do not control, treat the controller's service account token as exposed. After upgrading, confirm that any policy which depended on the implicitly injected token still behaves as expected. This is not a 'wait and see' situation; the token is the controller's own credential.
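As an added example (not code from this page, from NVD, or from the Kyverno project), the script below performs the audit described above offline: it takes the JSON that `kubectl get clusterpolicies,globalcontextentries -A -o json` would emit and flags every `apiCall.service` entry that lacks an explicit `Authorization` header, which is exactly the shape that received the implicit controller token before 1.16.4. The sample document is constructed; the `service.headers` list of `{key, value}` items and the `GlobalContextEntry` kind are assumptions about the Kyverno schema that you should check against your version's CRDs, and the in-cluster/external split is a triage heuristic, not part of the advisory.

```python
"""Find Kyverno apiCall service calls with no explicit Authorization header.

Input: the JSON emitted by
  kubectl get clusterpolicies,globalcontextentries -A -o json
The sample document below is constructed for this example, not cluster output.
"""
from __future__ import annotations

import json
from typing import Any, Iterator
from urllib.parse import urlparse

# Constructed sample: two ClusterPolicies and one GlobalContextEntry.
# The `service.headers` list of {key, value} items is assumed to be the
# field Kyverno uses for explicit headers; check your version's schema.
SAMPLE_KUBECTL_JSON = json.dumps({
    "kind": "List",
    "items": [
        {   # vulnerable shape: service.url with no headers at all
            "kind": "ClusterPolicy",
            "metadata": {"name": "check-image-scan"},
            "spec": {"rules": [{"name": "call-scanner", "context": [{
                "name": "scan",
                "apiCall": {"method": "POST",
                            "service": {"url": "https://scanner.example.com/scan"}},
            }]}]},
        },
        {   # hardened shape: the policy supplies its own credential
            "kind": "ClusterPolicy",
            "metadata": {"name": "lookup-allowlist"},
            "spec": {"rules": [{"name": "fetch-allowlist", "context": [{
                "name": "allowlist",
                "apiCall": {"service": {
                    "url": "https://allowlist.security.svc:443/v1/images",
                    "headers": [{"key": "Authorization",
                                 "value": "Bearer {{ allowlistToken }}"}],
                }},
            }]}]},
        },
        {   # global context entry with headers, but none of them Authorization
            "kind": "GlobalContextEntry",
            "metadata": {"name": "feed"},
            "spec": {"apiCall": {"refreshInterval": "10m", "service": {
                "url": "http://feed.tools.svc/data",
                "headers": [{"key": "X-Trace", "value": "1"}],
            }}},
        },
    ],
})


def _service_calls(node: Any, path: tuple[str, ...] = ()) -> Iterator[tuple[tuple[str, ...], dict]]:
    """Yield (path, apiCall.service mapping) for every service call in `node`.
    Walking the object generically keeps the audit independent of where a
    given Kyverno version nests the context (rule context vs. global entry)."""
    if isinstance(node, dict):
        api_call = node.get("apiCall")
        if (isinstance(api_call, dict)
                and isinstance(api_call.get("service"), dict)
                and "url" in api_call["service"]):
            yield path, api_call["service"]
        for key, value in node.items():
            yield from _service_calls(value, path + (str(key),))
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from _service_calls(value, path + (str(i),))


def has_explicit_authorization(service: dict) -> bool:
    """True when the call sets its own Authorization header (any case)."""
    return any(isinstance(h, dict) and str(h.get("key", "")).lower() == "authorization"
               for h in service.get("headers") or [])


def is_in_cluster(url: str) -> bool:
    """Heuristic: cluster-local Service hostnames end in .svc or .svc.cluster.local."""
    host = (urlparse(url).hostname or "").lower()
    return host.endswith(".svc") or host.endswith(".svc.cluster.local")


def audit(kubectl_json: str) -> list[dict]:
    """Return one finding per service call that would have received the
    implicitly injected controller token on Kyverno < 1.16.4."""
    findings = []
    for item in json.loads(kubectl_json).get("items", []):
        resource = f"{item.get('kind', '?')}/{item.get('metadata', {}).get('name', '?')}"
        for path, service in _service_calls(item.get("spec", {})):
            if has_explicit_authorization(service):
                continue
            findings.append({
                "resource": resource,
                "path": ".".join(("spec",) + path),
                "url": service["url"],
                # external targets are the ones to triage first
                "external": not is_in_cluster(service["url"]),
            })
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_KUBECTL_JSON):
        print(f"{f['resource']} {f['path']} -> {f['url']} external={f['external']}")
```

On the constructed sample the script reports `check-image-scan` (no headers, external host) and the `feed` global context entry (headers present but no Authorization), and skips `lookup-allowlist`, which carries its own bearer token. To run it against a live cluster, feed the `kubectl ... -o json` output into `audit()` instead of the sample string.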
Indicators of Compromise
NVD publishes no network or host indicators for this CVE. The entries below describe the affected component and the policy shape that triggers the leak, which is what to search for in your own cluster.
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-40868 | Affected versions | Kyverno prior to 1.16.4 |
| CVE-2026-40868 | Vulnerable component | The apiCall servicecall helper, which implicitly added `Authorization: Bearer <controller service account token>` when the policy set no Authorization header |
| CVE-2026-40868 | Trigger condition | A policy that uses `context.apiCall.service.url` without an explicit `Authorization` header |
| CVE-2026-40868 | Affected resources | ClusterPolicy and global context entries that use servicecall |
Source & Attribution
| Field | Value |
|---|---|
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 21, 2026 at 22:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.