CVE-2026-50563 – Fission Container Executor Function PodSpec Injection Leading to Node Escape

admin
June 10, 2026
Wire

CVE ID :CVE-2026-50563

Published : June 10, 2026, 6:17 p.m. | 1 hour ago

Description :Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission’s Container Executor path lets a tenant supply Function.spec.podspec directly; the executor merges it into the executor-built podspec and creates a Deployment whose pods run the user’s container image. This issue has been patched in version 1.24.0.

Severity: 9.9 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more… To Read More Visit Read More

Related Posts

Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments

CVE-2026-55196 – Hermes WebUI < 0.51.409 – Unauthenticated Passkey Registration via Authentication Bypass

CVE-2026-53871 – Hermes WebUI < 0.51.368 – Profile-Scoped Authorization Bypass via Forged hermes_profile Cookie