Unknown · Kubernetes · CVE-2024-9042
**Name of the Vulnerable Software and Affected Versions**
Kubernetes versions prior to 1.29.14
Kubernetes versions prior to 1.30.10
Kubernetes versions prior to 1.31.6
**Description**
This issue is a command injection in the kubelet's NodeLogQuery feature, reachable through the node `/logs` query endpoint on Windows worker nodes. The `pattern` query parameter is passed straight into a PowerShell command without validation or escaping, so a caller who can issue GET requests against `nodes/logs` can terminate the intended log filter and append commands of their own. Because the kubelet runs as SYSTEM on Windows, successful exploitation yields SYSTEM-level command execution on every affected Windows node the caller is allowed to query; only the Windows code path builds a PowerShell command, so Linux nodes are not exposed by this bug. The feature is opt-in: the NodeLogQuery feature gate is disabled by default, and the kubelet must additionally be configured with `enableSystemLogHandler` and `enableSystemLogQuery` before the endpoint exists at all, so clusters that never enabled it are not exploitable.
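The following Go program is an added illustration of the bug class and of one way to close it; it is not the kubelet's code and does not reproduce the project's actual fix. The PowerShell script text, the `KL_LOGNAME`/`KL_PATTERN` environment variable names and the two allowlist regexes are assumptions chosen for the example. `VulnerableScript` splices the caller's pattern into script source, which is the shape of the flaw described above; `HardenedCommand` validates both inputs and then hands them to a fixed script as data via the process environment, so the pattern can never become code even if the allowlist had a gap.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"os/exec"
	"regexp"
)

// logQueryScript is a fixed PowerShell script that never changes per request:
// the log name and the pattern arrive through $env:, i.e. as plain strings.
// (Assumed script shape for this example; not the kubelet's own.)
const logQueryScript = "Get-WinEvent -FilterHashtable @{LogName=$env:KL_LOGNAME} | " +
	"Where-Object { $_.Message -match $env:KL_PATTERN } | " +
	"Select-Object -ExpandProperty Message"

// VulnerableScript shows the bug class: the caller-controlled pattern is
// interpolated into PowerShell source text. A value that closes the quote and
// the script block gets whatever follows it executed. (Illustrative only.)
func VulnerableScript(logName, pattern string) string {
	return fmt.Sprintf(
		"Get-WinEvent -FilterHashtable @{LogName='%s'} | Where-Object { $_.Message -match '%s' }",
		logName, pattern)
}

// Assumed allowlists. Everything PowerShell could read as syntax (quotes, $,
// ;, |, &, backtick, braces, parentheses, newlines) lies outside them.
var (
	safeLogName = regexp.MustCompile(`^[A-Za-z0-9 _.\-/]{1,128}$`)
	safePattern = regexp.MustCompile(`^[A-Za-z0-9 _.:/\-]{1,256}$`)

	ErrUnsafeLogName = errors.New("log name contains characters outside the allowlist")
	ErrUnsafePattern = errors.New("pattern contains characters outside the allowlist")
)

// ValidateLogQuery rejects any log name or pattern outside the allowlists.
func ValidateLogQuery(logName, pattern string) error {
	if !safeLogName.MatchString(logName) {
		return ErrUnsafeLogName
	}
	if !safePattern.MatchString(pattern) {
		return ErrUnsafePattern
	}
	return nil
}

// HardenedCommand validates both inputs, then passes them to the fixed script
// through environment variables. The command is constructed but not started,
// so this function also works where powershell.exe does not exist.
func HardenedCommand(logName, pattern string) (*exec.Cmd, error) {
	if err := ValidateLogQuery(logName, pattern); err != nil {
		return nil, err
	}
	cmd := exec.Command("powershell.exe", "-NoProfile", "-NonInteractive", "-Command", logQueryScript)
	cmd.Env = append(os.Environ(), "KL_LOGNAME="+logName, "KL_PATTERN="+pattern)
	return cmd, nil
}

func main() {
	// Constructed payload: closes the single-quoted string and the script
	// block, runs an attacker-chosen command, then reopens a valid filter so
	// the remainder of the original script still parses.
	payload := "' }; Start-Process calc.exe; Where-Object { $_.Message -match '"

	fmt.Println("vulnerable:", VulnerableScript("Application", payload))
	if _, err := HardenedCommand("Application", payload); err != nil {
		fmt.Println("hardened rejected payload:", err)
	}
	if cmd, err := HardenedCommand("Application", "kubelet error"); err == nil {
		fmt.Println("hardened script:", cmd.Args[len(cmd.Args)-1])
		fmt.Println("pattern travels as data:", cmd.Env[len(cmd.Env)-1])
	}
}
```

The allowlist is deliberately narrow for the example; a real implementation would decide which regex metacharacters the pattern may carry. The important property is the second layer: the script text is a compile-time constant, so the only thing a caller can influence is the value of a PowerShell string variable.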
**Recommendations**
Upgrade Kubernetes to version 1.29.14 or later.
Upgrade Kubernetes to version 1.30.10 or later.
Upgrade Kubernetes to version 1.31.6 or later.
Until the upgrade is complete, disabling the NodeLogQuery feature gate (or leaving `enableSystemLogQuery` unset) on Windows kubelets removes the vulnerable code path; clusters that never enabled the feature need no further mitigation.
Review which users and service accounts hold GET on `nodes/logs` (and on `nodes/proxy`, through which the endpoint is reached via the API server), and check API server audit logs for requests to node `/logs` URLs carrying a `pattern` parameter with quote, semicolon or pipe characters.