CVE-2026-54495

MEDIUMPre-NVD 4.34.3
EchelonGraph scoreHIGH confidence

Score 4.3 from GitHub Security Advisory published 2026-07-15. the CNA's CVSS baseline 4.3; sources differ by 0.0.

Triggered by: GitHub Security Advisory CVSS
Sources: cna:github_m, ghsa
4.3
EchelonGraph verdictMonitorLow exploitation likelihood right now — keep watching.
  • Lower severity and no public exploit yet
CISA-KEV: Not listedEPSS: CVSS: 4.3Exploit: NoneExposed: 0

No vendor fix yet — apply a workaround or compensating control (WAF / firewall / segmentation) and watch for a patch.

open-feature-operator: Cross-namespace FeatureFlagSource and InProcessConfiguration resolution exposes spec contents on multi-tenant clusters

Summary

A namespaced FeatureFlagSource or InProcessConfiguration resource can be referenced cross-namespace via the openfeature.dev/featureflagsource annotation using the documented {NAMESPACE}/{NAME} syntax. The operator resolves the referenced resource cluster-wide and materializes its contents (env vars, flagd sidecar arguments including httpSyncBearerToken, sync URIs, supporting ConfigMaps) into the referencing workload.

On multi-tenant clusters that treat namespaces as trust boundaries, a tenant who can deploy a controller-owned workload in their own namespace can cause the operator to read another tenant's FeatureFlagSource / InProcessConfiguration spec contents.

Impact

  • Single-tenant clusters: not impacted.
  • Multi-tenant clusters using namespaces as trust boundaries: tenant-to-tenant disclosure of any data placed inline in FeatureFlagSource / InProcessConfiguration spec, including spec.envVars literal values, spec.httpSyncBearerToken, and sync URIs.

Behavior is documented

The cross-namespace {NAMESPACE}/{NAME} annotation syntax is intentional and documented in docs/annotations.md and docs/feature_flag_source.md. The operator's cluster-wide RBAC scope is intentional. Namespace-as-trust-boundary is not part of the operator's current stated security model.

This advisory makes the tenancy assumption explicit and tracks the architectural change that will eliminate the implicit cross-namespace pattern.

Corrections to the original report

Two technical points in the original report require correction:

  • secretKeyRef / configMapKeyRef cross-namespace disclosure is not possible via this path. Kubelet resolves these as LocalObjectReference against the pod's own namespace; the operator does not bypass that. The actual disclosure surface is FeatureFlagSource / InProcessConfiguration spec contents the operator itself materializes (inline envVars values, httpSyncBearerToken, sync URIs).
  • create featureflagsources is not a prerequisite. The webhook rejects pods without OwnerReferences (pod_webhook.go:75-77), so the prerequisite is create on a workload controller (deployments, statefulsets, daemonsets, jobs, cronjobs, replicasets) in a namespace the attacker controls. FeatureFlagSource create in any namespace is not required.

Mitigations

As with any Kubernetes CRD, treat the spec content of FeatureFlagSource and InProcessConfiguration as readable by anyone with read access to the resource, and don't place plaintext secrets in CR spec fields. Fields most likely to bite users:

  • spec.sources[].source, when the URI embeds credentials (e.g. https://user:pass@host/repo)
  • spec.sources[].certPath, if the path itself is sensitive
  • inline spec.envVars[].value (use valueFrom.secretKeyRef instead; kubelet enforces same-namespace resolution and the secret value is not stored in the CR)

If developers treat namespaces as trust boundaries:

  • restrict create on featureflagsources / inprocessconfigurations via RBAC where feasible,

Roadmap

A future release will introduce explicit cluster-scoped CRDs (ClusterFeatureFlagSource, ClusterInProcessConfiguration) and remove implicit cross-namespace resolution. This is a breaking change tracked in #847.

Precedent

This class of issue (authenticated namespace tenant abuses an unenforced cluster-wide surface that crosses an assumed namespace boundary) has Kubernetes precedent: CVE-2020-8554 (External IPs) was accepted as documented posture and mitigated via an opt-in admission plugin.

Credit

Reported by @0xVijay. Thanks for the disclosure. This appears to be an example of https://cwe.mitre.org/data/definitions/668.html. In terms of how it ended up here, it's more of an unimplemented security feature than an "bug". It seems to deviate from reasonable expectations and conventions in the K8s ecosystem. See https://nvd.nist.gov/vuln/detail/cve-2020-8554 as an example of a comparable vulnerability.

CVSS v3
4.3
EG Score
4.3(high)
EPSS
KEV
Not listed

Published

July 15, 2026

Last Modified

July 15, 2026

Vendor Advisories for CVE-2026-54495(1)

These vendors published their own advisory mentioning this CVE — often with vendor-specific remediation steps + affected product lists not in NVD.

Patch Availability(1)

Vendor / EcosystemFixed in / PatchReleasedSource
gogithub.com/open-feature/open-feature-operatorghsa

Patches are aggregated from vendor advisories (Red Hat, Microsoft, Cisco, GitHub) and package ecosystems (OSV, GHSA). Multiple rows for the same upstream release have been deduplicated.

Weakness Classification(1)

MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.

Data Freshness Timeline

(refreshed 2× in last 7d / 2× in last 30d)

Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.

  1. 2026-07-15 22:54 UTCEG score recompute
  2. 2026-07-15 22:54 UTCGHSA enrichment

Frequently asked(4)

What is CVE-2026-54495?
CVE-2026-54495 is a medium vulnerability published on July 15, 2026. open-feature-operator: Cross-namespace FeatureFlagSource and InProcessConfiguration resolution exposes spec contents on multi-tenant clusters Summary A namespaced FeatureFlagSource or InProcessConfiguration resource can be referenced cross-namespace via the openfeature.dev/featureflagsource…
When was CVE-2026-54495 disclosed?
CVE-2026-54495 was first published in the National Vulnerability Database on July 15, 2026. EchelonGraph re-ingests CVE updates from NVD on a 2-hour cycle, so this page reflects the latest published state.
What is the CVSS score of CVE-2026-54495?
CVE-2026-54495 has a CVSS v4.0 base score of 4.3 (CNA self-assessment; NVD's own analysis pending).
How do I remediate CVE-2026-54495?
Patch to the fixed version published by the affected vendor. Where vendor advisories exist for CVE-2026-54495, EchelonGraph cross-links them in the Vendor Advisories panel below — those typically contain the canonical remediation steps, fixed version numbers, and any vendor-specific mitigations.

Dependency Blast Radius

Explore the affected products and dependency analysis for CVE-2026-54495

Explore →

Is Your Infrastructure Affected by CVE-2026-54495?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.