CVE-2026-27112

Kargo manages and automates the promotion of software artifacts. From 1.7.0 to before v1.7.8, v1.8.11, and v1.9.3, the batch resource creation endpoints of both Kargo's legacy gRPC API and newer REST API accept multi-document YAML payloads. Specially crafted payloads can manifest a bug present in the logic of both endpoints to inject arbitrary resources (of specific types only) into the underlying namespace of an existing Project using the API server's own permissions when that behavior was not intended. Critically, an attacker may exploit this as a vector for elevating their own permissions, which can then be leveraged to achieve remote code execution or secret exfiltration. Exfiltrated artifact repository credentials can be leveraged, in turn, to execute further attacks. In some configurations of the Kargo control plane's underlying Kubernetes cluster, elevated permissions may additionally be leveraged to achieve remote code execution or secret exfiltration using kubectl. This can reduce the complexity of the attack, however, worst case scenarios remain entirely achievable even without this. This vulnerability is fixed in v1.7.8, v1.8.11, and v1.9.3.

CVSS v3 9.9 CRITICAL

9.9^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.1 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://github.com/akuity/kargo/commit/155c6852ffbffa2902f18e6c7add91a846e8d344	Patch
https://github.com/akuity/kargo/security/advisories/GHSA-7g9x-cp9g-92mr	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:akuity:kargo::::::kubernetes::*
	cpe:2.3:a:akuity:kargo::::::kubernetes::*
	cpe:2.3:a:akuity:kargo::::::kubernetes::*

History

No history.

Information

Published : 2026-02-20 22:16

Updated : 2026-02-25 18:03

NVD link : CVE-2026-27112

Mitre link : CVE-2026-27112

CVE.ORG link : CVE-2026-27112

JSON object : View

Products Affected

akuity

kargo

CWE

CWE-863

Incorrect Authorization

{"id": "CVE-2026-27112", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}], "cvssMetricV40": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.4, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-02-20T22:16:29.343", "references": [{"url": "https://github.com/akuity/kargo/commit/155c6852ffbffa2902f18e6c7add91a846e8d344", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/akuity/kargo/security/advisories/GHSA-7g9x-cp9g-92mr", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "Kargo manages and automates the promotion of software artifacts. From 1.7.0 to before v1.7.8, v1.8.11, and v1.9.3, the batch resource creation endpoints of both Kargo's legacy gRPC API and newer REST API accept multi-document YAML payloads. Specially crafted payloads can manifest a bug present in the logic of both endpoints to inject arbitrary resources (of specific types only) into the underlying namespace of an existing Project using the API server's own permissions when that behavior was not intended. Critically, an attacker may exploit this as a vector for elevating their own permissions, which can then be leveraged to achieve remote code execution or secret exfiltration. Exfiltrated artifact repository credentials can be leveraged, in turn, to execute further attacks. In some configurations of the Kargo control plane's underlying Kubernetes cluster, elevated permissions may additionally be leveraged to achieve remote code execution or secret exfiltration using kubectl. This can reduce the complexity of the attack, however, worst case scenarios remain entirely achievable even without this. This vulnerability is fixed in v1.7.8, v1.8.11, and v1.9.3."}, {"lang": "es", "value": "Kargo gestiona y automatiza la promoci\u00f3n de artefactos de software. Desde la 1.7.0 hasta antes de las v1.7.8, v1.8.11 y v1.9.3, los puntos finales de creaci\u00f3n de recursos por lotes tanto de la API gRPC heredada de Kargo como de la API REST m\u00e1s reciente aceptan cargas \u00fatiles YAML de m\u00faltiples documentos. Cargas \u00fatiles especialmente dise\u00f1adas pueden manifestar un error presente en la l\u00f3gica de ambos puntos finales para inyectar recursos arbitrarios (solo de tipos espec\u00edficos) en el espacio de nombres subyacente de un Proyecto existente utilizando los propios permisos del servidor API cuando ese comportamiento no estaba previsto. Cr\u00edticamente, un atacante puede explotar esto como un vector para elevar sus propios permisos, lo que luego puede aprovecharse para lograr la ejecuci\u00f3n remota de c\u00f3digo o la exfiltraci\u00f3n de secretos. Las credenciales de repositorio de artefactos exfiltradas pueden aprovecharse, a su vez, para ejecutar ataques adicionales. En algunas configuraciones del cl\u00faster de Kubernetes subyacente del plano de control de Kargo, los permisos elevados pueden aprovecharse adicionalmente para lograr la ejecuci\u00f3n remota de c\u00f3digo o la exfiltraci\u00f3n de secretos usando kubectl. Esto puede reducir la complejidad del ataque, sin embargo, los escenarios de peor caso siguen siendo totalmente alcanzables incluso sin esto. Esta vulnerabilidad est\u00e1 corregida en las v1.7.8, v1.8.11 y v1.9.3."}], "lastModified": "2026-02-25T18:03:32.900", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:akuity:kargo:*:*:*:*:*:kubernetes:*:*", "vulnerable": true, "matchCriteriaId": "5A5AF03C-6D09-45BD-9C5D-A26A58F2FF32", "versionEndExcluding": "1.7.8", "versionStartIncluding": "1.7.0"}, {"criteria": "cpe:2.3:a:akuity:kargo:*:*:*:*:*:kubernetes:*:*", "vulnerable": true, "matchCriteriaId": "E8F9AD6D-0D73-48DE-BC30-52DA3E9539A9", "versionEndExcluding": "1.8.11", "versionStartIncluding": "1.8.0"}, {"criteria": "cpe:2.3:a:akuity:kargo:*:*:*:*:*:kubernetes:*:*", "vulnerable": true, "matchCriteriaId": "3B60DE85-B240-4BA0-896D-2A0BA369B0AF", "versionEndExcluding": "1.9.3", "versionStartIncluding": "1.9.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}