securityonline.info 1/30/2026, 12:51:15 AM

Cluster Admin for All: Critical Kyverno Flaw (CVSS 10) Shatters Isolation

CyberSIXT Evidence Panel
CISA KEV: Not in KEV
Patch: Available

The Kyverno team issued an urgent security update for a critical vulnerability, CVE-2026-22039, which carries a maximum CVSS score of 10 and can allow any user with policy creation rights to effectively become a cluster admin, shattering isolation in Kubernetes environments. The flaw stems from how Kyverno handles API calls within namespaced policies: the apiCall feature fails to enforce namespace boundaries, so a policy in one namespace could trigger requests across the cluster.

According to GHSA-r2rj-wwm5-x6mq, the resolved urlPath is executed using the Kyverno admission controller ServiceAccount with no enforcement that the request is limited to the policy’s namespace. In addition, a high-severity Denial of Service vulnerability, CVE-2026-23881, with a CVSS of 7.7, was fixed alongside the critical flaw.

Patched versions v1.16.3 and v1.15.3 introduce strict validation logic to ensure namespaced policies can only target resources within their own namespace, preventing cross-boundary access. The article notes the vulnerability affects Kyverno versions 1.16.2 and earlier, as well as 1.15.2 and earlier, and was published on 30 January 2026.
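An illustrative namespace-boundary check of the kind the patched releases are described as adding, written here as an added example rather than Kyverno's own code; the function name, its signature and the sample paths are assumptions:

```go
package main

import (
	"fmt"
	"net/url"
	"path"
	"strings"
)

// ValidateNamespacedAPICall checks that an apiCall urlPath declared in a
// namespaced Policy stays inside that policy's own namespace, the kind of
// boundary check the advisory says the fixed releases add. This is an
// illustrative function (name and signature assumed), not Kyverno's code.
// It assumes policy variables were substituted into urlPath beforehand; a
// leftover "{{" template is rejected because its namespace segment cannot
// then be checked statically.
func ValidateNamespacedAPICall(policyNamespace, urlPath string) error {
	if strings.Contains(urlPath, "{{") {
		return fmt.Errorf("unresolved variable in urlPath %q", urlPath)
	}
	u, err := url.Parse(urlPath)
	if err != nil || u.Scheme != "" || u.Host != "" {
		return fmt.Errorf("urlPath %q must be a bare API server path", urlPath)
	}
	// path.Clean collapses "." and ".." so a traversal segment cannot hide
	// the real target namespace behind the segment compared below.
	segs := strings.Split(strings.Trim(path.Clean(u.Path), "/"), "/")
	// The "namespaces/<ns>" pair sits at /api/<version>/namespaces/<ns>/...
	// for the core group and /apis/<group>/<version>/namespaces/<ns>/... otherwise.
	var nsIdx int
	switch segs[0] {
	case "api":
		nsIdx = 2
	case "apis":
		nsIdx = 3
	default:
		return fmt.Errorf("urlPath %q is not a Kubernetes API path", urlPath)
	}
	// No such pair means a cluster-scoped or all-namespaces request
	// (e.g. /api/v1/nodes, /api/v1/pods, /api/v1/namespaces).
	if len(segs) <= nsIdx+1 || segs[nsIdx] != "namespaces" {
		return fmt.Errorf("urlPath %q is not scoped to a single namespace", urlPath)
	}
	if got := segs[nsIdx+1]; got != policyNamespace {
		return fmt.Errorf("urlPath %q targets namespace %q, policy is in %q",
			urlPath, got, policyNamespace)
	}
	return nil
}
```

A ClusterPolicy has no namespace and is outside this check; it applies only to namespaced Policy objects.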


Article by CyberSIXT