Back to overview

CVE-2026-15584

HIGH
7.5
CVSS 3.1
Description
A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes.

Metadata

CVE ID
CVE-2026-15584
State
PUBLISHED
Assigner
redhat
Reserved
2026-07-13 11:47 UTC
Published
2026-07-13 12:01 UTC
Last updated
2026-07-13 12:01 UTC
Primary CWE
CWE-250
Execution with Unnecessary Privileges
Vendor / Product
Red Hat / Pen Drive Powered by Red Hat Lightspeed
Sources
cve.org  ·  NVD

Severity & Metrics

7.5 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products (1)
VendorProductPlatformVersions
Red Hat Pen Drive Powered by Red Hat Lightspeed
Weakness (CWE)
CWESourceDescription
CWE-250 cna Execution with Unnecessary Privileges
CVSS scores (1)
ScoreSeverityVersionSourceVector
7.5 HIGH 3.1 cna CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Back to overview