CVE-2026-30963: Capsule Namespace Hijacking via Subresource Webhook Bypass
Capsule is a Kubernetes framework that uses webhooks to prevent tenant administrators from hijacking namespaces—essentially taking control of cluster resources they shouldn't own. The framework checks most update requests, but it misses two specific APIs (namespace/status and namespace/finalize subresources) that can also change namespace ownership markers. Before version 0.13.0, a tenant admin with permission to use these subresources could bypass the webhook protection and seize a namespace. Version 0.13.0 patches this gap by ensuring the webhook intercepts both subresource types.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 3.9 LOW · CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
- Weaknesses (CWE)
- CWE-20
- Affected products
- 1 configuration(s)
- Published / Modified
- 2026-06-01 / 2026-06-17
NVD description (verbatim)
Capsule is a multi-tenancy and policy-based framework for Kubernetes. To defend against namespace hijacking achieved through update/patch operations on namespaces, Capsule uses a webhook to validate update requests targeting namespaces. However, in Kubernetes, the namespace/finalize and namespace/status subresource APIs can also modify various fields of a namespace, including the metadata field. Prior to version 0.13.0, the webhook does not define interception rules for these subresources. As a result, if a tenant administrator has permission to modify namespace/status or namespace/finalize, they can successfully perform namespace hijacking. Version 0.13.0 fixes the issue. Another mitigation is to add two subresources (namespaces and snamespaces/status with namespace/finalize within it) to the resources list in the ValidatingWebhookConfiguration rules.
3 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
Capsule enforces multi-tenancy boundaries in Kubernetes via a ValidatingWebhookConfiguration that validates namespace update operations. The vulnerability stems from incomplete webhook interceptor rules: while the webhook covers the main namespace API, it does not define rules for the namespace/status and namespace/finalize subresources. These subresources can modify namespace metadata, including fields used for tenant assignment and isolation. A tenant administrator possessing RBAC permissions to patch or update these subresources can exploit this gap to perform namespace hijacking—reassigning a namespace or its metadata to escape their intended tenant boundary. The vulnerability is classified as CWE-20 (Improper Input Validation).
Business impact
In a multi-tenant Kubernetes environment, this vulnerability allows a tenant administrator to escalate privilege and access resources outside their assigned tenant scope. The blast radius depends on cluster configuration: if tenant admins have broad permissions, one compromised or malicious admin could disrupt neighboring tenants' workloads, access their secrets, or pollute shared infrastructure. For organizations using Capsule to enforce hard tenant isolation (e.g., serving multiple customers or business units on one cluster), exploitation could result in data exposure, service interruption, and compliance violations. The risk is heightened in environments where tenant admins are external users or contractors with limited trust.
Affected systems
All versions of Capsule prior to 0.13.0 are affected. The vulnerability requires the attacker to hold a tenant administrator role and have RBAC permissions to modify namespace/status or namespace/finalize subresources. This is a configuration-dependent risk: organizations that grant these subresource permissions to tenant admins face higher exposure. Version 0.13.0 and later remediate the issue by extending webhook interception rules to cover both subresources.
Exploitability
Exploitation requires three conditions: (1) the environment must run Capsule before version 0.13.0, (2) the attacker must be authenticated as a tenant administrator with RBAC permissions to patch or update namespace/status or namespace/finalize, and (3) the webhook must not have been manually augmented with rules covering these subresources. The CVSS score of 3.9 (LOW) reflects the requirement for high privilege, user interaction, and restricted scope. This is not a remote code execution vulnerability and cannot be exploited by unauthenticated users or those outside the Kubernetes API. However, the attack is deterministic once preconditions are met—no special tooling or complex techniques are required.
Remediation
Upgrade Capsule to version 0.13.0 or later to receive the patch. Organizations unable to upgrade immediately can implement a manual workaround by modifying their ValidatingWebhookConfiguration to add interception rules for the namespace/status and namespace/finalize subresources, blocking unauthorized modifications. Review tenant administrator RBAC bindings to ensure only necessary subresource permissions are granted; restrict access to namespace/status and namespace/finalize to system administrators where possible.
Patch guidance
Upgrade to Capsule version 0.13.0 or a later release. Verify the upgrade in a staging environment to confirm webhook rule changes do not interfere with legitimate namespace management workflows. Confirm that tenant administrators can still perform required namespace operations (labels, annotations) through standard namespace update APIs, and only privileged system administrators can modify status or finalize subresources. Test RBAC policies to ensure the fix does not break multi-tenant workloads.
Detection guidance
Monitor Kubernetes audit logs for PATCH or UPDATE requests to namespace/status or namespace/finalize subresources originating from tenant administrator accounts. Alert on modifications to namespace ownership or tenant assignment fields via these subresources, particularly if they diverge from the tenant administrator's declared namespace scope. Compare the Capsule webhook rule configuration against the current version's documented rules; missing namespace/status or namespace/finalize entries indicate a gap. Use kubectl to inspect the ValidatingWebhookConfiguration resource and verify all relevant subresources are listed.
Why prioritize this
Although the CVSS score is LOW, the vulnerability should be addressed in multi-tenant Kubernetes environments where tenant isolation is a security boundary. The exploit path is direct and does not require complex attack chains or social engineering. However, deployment context matters: standalone or single-tenant Capsule clusters face negligible risk, while shared multi-customer infrastructure should prioritize this patch. The June 2026 publication date and absence from the KEV catalog indicate this is not currently weaponized at scale.
Risk score, explained
The CVSS 3.1 score of 3.9 reflects a LOW severity due to the combination of high privilege requirement (PR:H), high attack complexity (AC:H), user interaction (UI:R), and limited scope of impact (S:U). The attacker must hold tenant administrator credentials and have explicit RBAC permissions. The vector restricts impact to confidentiality, integrity, and availability only for the tenant's own namespace scope, not the broader cluster. This rating is appropriate for a privilege escalation flaw affecting a subset of users in a specific configuration, but organizations with strict multi-tenant boundaries may assess local risk higher than the base score suggests.
Frequently asked questions
Can an unauthenticated user exploit this vulnerability?
No. The vulnerability requires the attacker to be authenticated as a tenant administrator with RBAC permissions to modify namespace/status or namespace/finalize. Unauthenticated users cannot access the Kubernetes API for these operations.
Does this vulnerability allow cluster-wide compromise or only namespace-level escape?
The vulnerability is scoped to namespace-level hijacking. An attacker can reassign metadata on namespaces within their administrative scope or, in misconfigured RBAC, potentially access namespaces outside their tenant. It does not grant direct access to other pods, nodes, or cluster-wide resources; the impact depends on what secrets or workloads reside in the target namespace.
Is there a workaround if we cannot upgrade Capsule immediately?
Yes. Update your ValidatingWebhookConfiguration to include interception rules for namespace/status and namespace/finalize subresources, matching the rules in Capsule version 0.13.0. Consult the Capsule repository or the vendor advisory for the exact rule syntax. Additionally, restrict RBAC permissions for these subresources to system administrators only.
How do we verify that the patch was applied correctly?
After upgrading to Capsule 0.13.0, inspect the ValidatingWebhookConfiguration resource in your cluster (typically in the Capsule namespace) and confirm that the webhook rules list both namespace/status and namespace/finalize. Test by attempting a namespace/finalize modification as a tenant admin and verify the webhook rejects it if the request lacks proper authorization.
This analysis is based on publicly available vulnerability data and vendor documentation as of June 2026. Exploitation scenarios and risk assessments are provided for awareness and should be evaluated against your specific Capsule configuration, RBAC policies, and multi-tenant deployment model. No active exploit or proof-of-concept is included. Always verify patch applicability and test in a staging environment before deploying to production. Consult the Capsule project maintainers and your security team for environment-specific guidance. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-44367LOWKlaw Username Case Sensitivity DoS and Account Lockout
- CVE-2025-22424HIGHAndroid Local Privilege Escalation via Image Disclosure
- CVE-2026-0018MEDIUMAndroid AccessibilityManagerService Denial of Service Vulnerability
- CVE-2026-0051MEDIUMAndroid UBSan Runtime Denial of Service Vulnerability
- CVE-2026-0070MEDIUMAndroid DevicePolicyManagerService Local Denial of Service Vulnerability
- CVE-2026-0078HIGHAndroid Privilege Escalation via DevicePolicyManagerService Desync
- CVE-2026-0085MEDIUMAndroid Contact Handler Denial of Service Vulnerability
- CVE-2026-10004MEDIUMChrome UI Spoofing Vulnerability – Password Dialog Hijacking