CVE-2026-5483
CVE-2026-5483
8.5
HighPublished:
Last updated:
Source:secalert@redhat.com
Analyzed
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Network
- Attack Complexity
- High
- Privileges Required
- Low
- User Interaction
- None
- Scope
- Changed
- Confidentiality
- High
- Integrity
- High
- Availability
- High
Description
A flaw was found in odh-dashboard in Red Hat Openshift AI. This vulnerability in the `odh-dashboard` component of Red Hat OpenShift AI (RHOAI) allows for the disclosure of Kubernetes Service Account tokens through a NodeJS endpoint. This could enable an attacker to gain unauthorized access to Kubernetes resources.
References
secalert@redhat.com
https://access.redhat.com/errata/RHSA-2026:7397secalert@redhat.com
https://access.redhat.com/errata/RHSA-2026:7398secalert@redhat.com
https://access.redhat.com/errata/RHSA-2026:7403secalert@redhat.com
https://access.redhat.com/errata/RHSA-2026:7404secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2026-5483secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2454764