CVE ID :CVE-2026-41068 Published : April 24, 2026, 4:16 a.m. | 1 hour, 33 minutes ago Description :Kyverno is a policy engine designed for cloud native platform engineering teams. The patch for CVE-2026-22039 fixed cross-namespace privilege escalation in Kyverno's `apiCall` context by validating the `URLPath` field. However, the ConfigMap context loader has the identical vulnerability — the `configMap.namespace` field accepts any namespace with zero validation, allowing a namespace admin to read ConfigMaps from any namespace using Kyverno's privileged service account. This is a complete RBAC bypass in multi-tenant Kubernetes clusters. An updated fix is available in version 1.17.2. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...