CVE-2026-49823: Fission Kubernetes Namespace Isolation Bypass
Fission, an open-source serverless framework for Kubernetes, contains a namespace isolation bypass in versions prior to 1.24.0. When defining Fission Functions, administrators can reference Secrets, ConfigMaps, and Packages. The admission webhook—a Kubernetes security control—validated namespace boundaries for Secrets and ConfigMaps but failed to validate the namespace referenced in PackageRef. This gap allows an authenticated user in one namespace to access packages from other namespaces, violating expected isolation. Version 1.24.0 patches this validation gap.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 7.7 HIGH · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
- Weaknesses (CWE)
- CWE-284, CWE-863
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-06-10 / 2026-06-17
NVD description (verbatim)
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by the admission webhook; PackageRef.Namespace was not. This issue has been patched in version 1.24.0.
3 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
In Fission's Function specification, PackageRef objects were not subject to namespace validation checks enforced by the admission webhook, unlike SecretRef and ConfigMapRef. The PackageRef.Namespace field could reference packages outside the Function's own namespace without restriction. Since admission webhooks are a primary enforcement mechanism for Kubernetes multi-tenancy policies, this oversight creates a cross-namespace access path. The vulnerability is rooted in incomplete CWE-284 (Improper Access Control) and CWE-863 (Incorrect Authorization) patterns. Exploitation requires existing cluster authentication (authenticated user), but does not require elevated RBAC permissions, making it a privilege escalation within the cluster.
Business impact
In shared Kubernetes clusters, this vulnerability enables namespace-level privilege escalation. Authenticated users can exfiltrate sensitive data packaged in other namespaces—such as configuration, credentials, or compiled functions—without elevated cluster roles. For organizations running Fission as a multi-tenant platform or shared infrastructure, this can lead to data exposure across isolated development, testing, or customer workloads. The impact is confidentiality-focused; the attacker gains read access to packages they should not be able to reference.
Affected systems
Fission versions prior to 1.24.0 are affected. The vulnerability requires a deployed Fission control plane with admission webhook enforcement enabled and at least one Function resource defined. It impacts any Kubernetes cluster running vulnerable Fission releases where namespace isolation is a security boundary.
Exploitability
Exploitation requires prior authentication to the Kubernetes cluster and the ability to create or modify Fission Function resources (typically within a namespace). An attacker with standard user privileges can craft a Function spec with a cross-namespace PackageRef to retrieve packages from other namespaces. No authentication bypass, code execution, or external network access is required. The attack is straightforward for an insider or compromised service account with namespace-scoped permissions.
Remediation
Upgrade Fission to version 1.24.0 or later. This release adds PackageRef.Namespace validation to the admission webhook, enforcing the same namespace boundary checks applied to SecretRef and ConfigMapRef. Verify the upgrade is complete and the admission webhook is operational post-deployment.
Patch guidance
Upgrade Fission to version 1.24.0. Consult the official Fission release notes and deployment documentation for version-specific upgrade paths and any configuration changes. For Helm-based deployments, update the Fission Helm chart to a version that includes 1.24.0 or later. Ensure the admission webhook is enabled after upgrade by verifying ValidatingWebhookConfiguration and MutatingWebhookConfiguration resources are in place and healthy.
Detection guidance
Review Function resources across all namespaces for PackageRef fields that reference packages in different namespaces than the Function itself. Query the cluster with kubectl get functions -A -o yaml or equivalent to identify cross-namespace PackageRef usage. Monitor admission webhook logs for rejected requests (a sign that the patch is working) and audit API server logs for Function creation or modification events that involve unexpected namespace references. Look for patterns where service accounts or users are accessing packages outside their intended namespace.
Why prioritize this
With a CVSS score of 7.7 (HIGH), this vulnerability merits prompt remediation in multi-tenant environments. Kubernetes namespace isolation is a foundational security boundary; bypassing it exposes sensitive workload data. The low attack complexity and absence of elevated privileges required make exploitation accessible to insiders. While not yet in the CISA KEV catalog, any Fission deployment with namespace-isolated workloads should prioritize patching.
Risk score, explained
CVSS 3.1 score of 7.7 reflects a network-accessible vulnerability (AV:N), no special conditions required (AC:L), requiring only low privileges (PR:L). The attacker gains high confidentiality impact (C:H) by reading cross-namespace packages, with no integrity or availability impact. The scope is changed (S:C) because the attacker's actions affect resources outside their authority boundary. The absence of authentication bypass or code execution keeps the score below critical levels.
Frequently asked questions
Can this vulnerability be exploited from outside the Kubernetes cluster?
No. The attack requires authentication to the Kubernetes API and the ability to submit Function resources. This is an in-cluster or insider threat, not a remote unauthenticated attack.
Does upgrading to 1.24.0 require downtime?
This depends on your deployment strategy and Fission architecture. Rolling updates should minimize disruption if your Fission control plane supports high availability. Verify with your deployment guide and test in a non-production environment first.
How can I tell if my cluster is exploited before patching?
Audit Function resources for PackageRef fields that cross namespace boundaries (the PackageRef.Namespace differs from the Function's namespace). If found, investigate whether the cross-namespace access was intentional. Post-patch, the admission webhook will reject such attempts.
Are there workarounds if I cannot patch immediately?
Implement network policies and RBAC rules to restrict package access by namespace. However, these are defense-in-depth measures, not substitutes for the patch. Prioritize upgrading as soon as feasible.
This analysis is provided for informational purposes and reflects publicly available information as of the publication date. CVSS scores are derived from the CVE record and may not reflect all environmental factors. Organizations should validate patch applicability and test upgrades in non-production environments before deployment. For the authoritative patch status and detailed remediation steps, consult the official Fission project advisories and release notes. Source: NVD (public-domain), retrieved 2026-07-19. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-49824HIGHFission Kubernetes Admission Webhook Namespace Validation Bypass (CVSS 8.5)
- CVE-2025-14774HIGHABB T-MAC Plus Denial-of-Service Vulnerability (CVSS 7.4)
- CVE-2025-22426HIGHAndroid ComputerEngine URI Escalation Privilege Vulnerability
- CVE-2025-32348HIGHAndroid Local Privilege Escalation via Missing Permission Check
- CVE-2026-0272HIGHPalo Alto PAN-OS Privilege Escalation Vulnerability (PA-Series, VM-Series, Panorama)
- CVE-2026-11179HIGHChrome ORB Site Isolation Bypass (CVSS 8.8)
- CVE-2026-11344HIGHUnrestricted File Upload in code-projects Vehicle Management System 1.0
- CVE-2026-11474HIGHUnrestricted File Upload in Kushan2k Student Management System