CVE-2026-50564: Fission Environment CRD podspec passthrough enables hostPID/hostNetwork/privileged pods, node escape
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Environment CRD exposes spec.runtime.podSpec and spec.builder.podSpec, which are merged into the Kubernetes pod specs for runtime and builder pods. The merge logic propagated hostNetwork, hostPID, hostIPC, container privileged, and serviceAccountName from the user-supplied podspec with no filtering, and Environment.Validate performed no security-relevant checks on these fields. This issue has been patched in version 1.24.0.
Metrics
- CVSS v3.1
- 9.9
- Severity
- CRITICAL
- Fixed in
- 1.24.0
- Affected Products
- 1
HarborGuard Analysis
Synopsis
This is a privilege-escalation and container-escape vulnerability in Fission, an open-source Kubernetes-native serverless framework. Any authenticated principal allowed to create or update a Fission Environment custom resource can set host-level fields (hostNetwork, hostPID, hostIPC, a privileged container securityContext, an arbitrary serviceAccountName) in spec.runtime.podSpec or spec.builder.podSpec, and Fission merges them unfiltered into the pod spec it submits to Kubernetes. The resulting runtime or builder pod is privileged and shares the node's PID and network namespaces, which is equivalent to root on the node: the container boundary is gone, and the node and every workload scheduled on it are compromised. The upstream fix is Fission 1.24.0; HarborGuard tracks the advisory and makes a patched-image rebuild against that release available to affected customers.
HarborGuard Coverage
- Detection: Available
Detection of CVE-2026-50564 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including custom-built images that bundle Fission components. Any image in a customer registry or CI pipeline that carries an affected Fission version is flagged automatically.
- Triage: Available
Triage is available with a CVSS v3.1 score of 9.9 (Critical), and HarborGuard applies per-environment compliance policy weighting to surface the finding at the correct severity tier for each customer org. Routed alerts reach the team or inbox configured in each environment's notification policy so the right people see the finding without manual sorting.
- Remediation: Available (Fission 1.24.0)
The upstream fix is Fission 1.24.0, which is also the upper bound of the affected range listed below. HarborGuard re-checks this advisory on every ingest cycle and makes a patched-image rebuild against the fixed release available; for customers who opt into auto-remediation, the rebuild, regression run and PR against affected workloads are triggered without manual intervention.
Exploit Conditions
- Network reachability: Required
Environment objects are Kubernetes custom resources, so the attacker needs network access to the cluster's API server (directly, via kubectl, or via the fission CLI) to submit the malicious Environment. No access to the node itself is needed beforehand.
- Authentication: Required
The attacker must hold a Kubernetes identity with create, update or patch permission on environments.fission.io resources; anonymous access is not sufficient. No node-level or cluster-admin rights are needed, which is why the CVSS vector rates privileges required as low.
- Victim interaction: Not required
No user interaction is needed; the attacker submits the malicious resource directly and the framework creates the runtime or builder pod from it automatically.
- Attack complexity: Low
The exploit requires only a well-formed Environment object with the host-level fields set; there are no race conditions, memory layout assumptions or other environmental preconditions.
Blast Radius
- A privileged container with hostPID shares the node's PID namespace, so it can see and signal every host process and, with the privileges it holds, enter the namespaces of PID 1 (for example with nsenter) to obtain a root shell on the node.
- With hostNetwork the pod runs in the node's network namespace: it can reach services bound to the node's loopback interface such as the kubelet, bind node ports, capture node traffic, and, where the node carries a cloud IAM role, query the metadata endpoint as the node. Kubernetes NetworkPolicy generally does not apply to hostNetwork pods, so segmentation that relied on it is bypassed.
- serviceAccountName is passed through unfiltered, so the pod can run as any service account that exists in the namespace where Fission creates runtime and builder pods, including one bound to a powerful ClusterRole; the mounted token then lets the attacker read Secrets and call the API server with that account's permissions.
- Full node compromise allows the attacker to read host filesystem paths, including the kubelet's credentials and the tokens and mounted secrets of every other pod on the node, and to pivot from there to additional nodes and the control plane.
How HarborGuard Handles This
Available on HarborGuard: detection for CVE-2026-50564 is active across all customer environments, matching every image that bundles an affected Fission release. The upstream fix is Fission 1.24.0, so upgrading is the primary remediation; HarborGuard re-checks the advisory on each ingest cycle and triggers a patched-image rebuild against 1.24.0 or later, followed, for customers who opt into auto-remediation, by a regression test run and a PR opened against affected workloads with no manual steps required. Until every cluster is upgraded, compensating controls worth applying are: enforce Pod Security Admission at the baseline level (or stricter) on the namespaces Fission schedules runtime and builder pods into, which rejects hostPID, hostNetwork, hostIPC and privileged containers at admission regardless of what the Environment says; add a Kyverno or OPA Gatekeeper policy for the one field Pod Security Admission does not cover, serviceAccountName, denying or allow-listing it on Fission-managed pods; restrict RBAC so that only trusted operators hold create, update or patch on environments.fission.io, since that permission alone is what the attack needs; use network policies to limit which in-cluster workloads can reach the API server and Fission's control-plane components; and audit existing Environment objects for these fields, because an object created before the upgrade may still be present and is evidence of prior abuse. HarborGuard surfaces a rebuild notification as soon as the patched image is built.
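An added example, not Fission's own code or HarborGuard's, that covers two points from this page: it implements the filter that the advisory says Environment.Validate lacked before 1.24.0, rejecting the five fields named above in both spec.runtime.podSpec and spec.builder.podSpec, and it audits the Environment objects already present in a cluster as the compensating check recommended above. The struct types are a constructed minimal mirror of the CRD (the real one embeds a full corev1.PodSpec, and encoding/json ignores the fields not modelled here), and sampleList is constructed, not captured from a cluster; to run it for real, feed AuditEnvironments the output of `kubectl get environments.fission.io -A -o json`.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Minimal mirror of the Fission Environment CRD, constructed for this example.
// Only the fields the advisory names are modelled; the real CRD embeds a full PodSpec.
type Environment struct {
	Metadata struct {
		Name      string `json:"name"`
		Namespace string `json:"namespace"`
	} `json:"metadata"`
	Spec struct {
		Runtime struct {
			PodSpec *PodSpec `json:"podSpec"`
		} `json:"runtime"`
		Builder struct {
			PodSpec *PodSpec `json:"podSpec"`
		} `json:"builder"`
	} `json:"spec"`
}

type PodSpec struct {
	HostNetwork        bool        `json:"hostNetwork"`
	HostPID            bool        `json:"hostPID"`
	HostIPC            bool        `json:"hostIPC"`
	ServiceAccountName string      `json:"serviceAccountName"`
	InitContainers     []Container `json:"initContainers"`
	Containers         []Container `json:"containers"`
}

type Container struct {
	Name            string `json:"name"`
	SecurityContext *struct {
		Privileged *bool `json:"privileged"`
	} `json:"securityContext"`
}

// ValidatePodSpec returns one finding per host-level setting that a user-supplied
// podSpec must not carry into a runtime or builder pod. Empty result means clean.
// path names the CRD field the podSpec came from and is used only to label findings.
func ValidatePodSpec(path string, ps *PodSpec) []string {
	if ps == nil {
		return nil
	}
	var findings []string
	if ps.HostNetwork {
		findings = append(findings, path+".hostNetwork=true")
	}
	if ps.HostPID {
		findings = append(findings, path+".hostPID=true")
	}
	if ps.HostIPC {
		findings = append(findings, path+".hostIPC=true")
	}
	// Any explicit service account is reported; allow-list known-good ones in your own copy.
	if ps.ServiceAccountName != "" {
		findings = append(findings, path+".serviceAccountName="+ps.ServiceAccountName)
	}
	// Init containers share the pod's host namespaces, so both lists are checked.
	for _, list := range [][]Container{ps.InitContainers, ps.Containers} {
		for _, c := range list {
			if c.SecurityContext != nil && c.SecurityContext.Privileged != nil && *c.SecurityContext.Privileged {
				findings = append(findings, fmt.Sprintf("%s.containers[%s].securityContext.privileged=true", path, c.Name))
			}
		}
	}
	return findings
}

// ValidateEnvironment applies the check to both podSpecs the CRD exposes.
func ValidateEnvironment(env Environment) []string {
	f := ValidatePodSpec("spec.runtime.podSpec", env.Spec.Runtime.PodSpec)
	return append(f, ValidatePodSpec("spec.builder.podSpec", env.Spec.Builder.PodSpec)...)
}

// AuditEnvironments parses the list printed by
// `kubectl get environments.fission.io -A -o json` and returns
// namespace/name -> findings for every Environment that would yield a
// host-privileged pod on an unpatched Fission.
func AuditEnvironments(listJSON []byte) (map[string][]string, error) {
	var list struct {
		Items []Environment `json:"items"`
	}
	if err := json.Unmarshal(listJSON, &list); err != nil {
		return nil, fmt.Errorf("parse environment list: %w", err)
	}
	out := map[string][]string{}
	for _, env := range list.Items {
		if f := ValidateEnvironment(env); len(f) > 0 {
			out[env.Metadata.Namespace+"/"+env.Metadata.Name] = f
		}
	}
	return out, nil
}

// sampleList is a constructed sample, not output captured from a real cluster.
const sampleList = `{"items":[
 {"metadata":{"name":"python","namespace":"default"},
  "spec":{"runtime":{"podSpec":{"containers":[{"name":"python","securityContext":{"privileged":false}}]}},"builder":{}}},
 {"metadata":{"name":"escape","namespace":"default"},
  "spec":{"runtime":{"podSpec":{"hostNetwork":true,"hostPID":true,"serviceAccountName":"fission-admin",
          "containers":[{"name":"python","securityContext":{"privileged":true}}]}},
          "builder":{"podSpec":{"hostIPC":true}}}}
]}`

func main() {
	findings, err := AuditEnvironments([]byte(sampleList))
	if err != nil {
		panic(err)
	}
	for name, f := range findings {
		fmt.Println(name)
		for _, line := range f {
			fmt.Println("  ", line)
		}
	}
}
```

The audit finds what is already in the cluster; it does not stop new objects. Enforcement belongs at admission (Pod Security Admission for the host namespaces and privileged flag, a Kyverno or Gatekeeper rule for serviceAccountName), and the same ValidatePodSpec logic is what a patched Environment.Validate has to perform before the podSpec is ever merged.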
- fission / fission: < 1.24.0
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H