PT-2026-20879 · Kargo · Kargo

B0B0Haha · Published 2026-02-19 · Updated 2026-03-03 · CVE-2026-27112

CVSS v3.1: 9.9 (Critical)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Kargo versions 1.7.0 through 1.7.7; Kargo version 1.8.11; Kargo version 1.9.3
Description: Kargo manages and automates the promotion of software artifacts. The batch resource creation endpoints of both Kargo's legacy gRPC API and its newer REST API accept multi-document YAML payloads. The issue stems from the logic within these endpoints when processing such payloads: a specially crafted payload can allow an attacker to inject arbitrary resources into the underlying namespace of an existing Project using the API server's own permissions, which is not the intended behavior. This can be exploited to elevate permissions, potentially leading to remote code execution or secret exfiltration; exfiltrated artifact repository credentials could be used for further attacks. In some Kubernetes cluster configurations, the elevated permissions may enable remote code execution or secret exfiltration using kubectl.
Recommendations: Update to Kargo version 1.7.8 or later; update to Kargo version 1.8.11; update to Kargo version 1.9.3 or later.
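The per-document check that the description above implies a batch endpoint must perform, as an added illustration that is not Kargo's code: the payload is split into its YAML documents, and any document whose kind is outside an allowlist, or whose namespace belongs to an existing Project the caller is not authorized to write to, is rejected before anything is created with the server's credentials. The allowlist, the flat-YAML field extraction, the sample batch and the caller_projects / existing_projects sets are all assumptions of this example.

```python
import re
# Resource kinds a batch endpoint is assumed to create on the caller's behalf.
ALLOWED_KINDS = {"Project", "Warehouse", "Stage"}
# Constructed sample: new Project "demo" with a Stage, then two documents aimed at "other-team".
SAMPLE_BATCH = """\
kind: Project
metadata:
  name: demo
---
kind: Stage
metadata:
  name: test
  namespace: demo
---
kind: Stage
metadata:
  name: prod
  namespace: other-team
---
kind: ConfigMap
metadata:
  name: injected
  namespace: other-team
"""
def split_documents(payload):
    """Split a multi-document YAML stream on '---' separator lines."""
    return [d for d in re.split(r"(?m)^---[ \t]*$", payload) if d.strip()]
def parse_doc(text):
    """Return kind plus metadata fields; flat YAML only (an assumption of this example)."""
    kind = re.search(r"(?m)^kind:[ \t]*(\S+)", text)
    meta = re.search(r"(?m)^metadata:\n((?:[ \t]+\S.*\n?)+)", text)
    fields = dict(re.findall(r"(?m)^[ \t]+(\w+):[ \t]*(\S+)", meta.group(1))) if meta else {}
    return {"kind": kind.group(1) if kind else "", **fields}
def validate_batch(payload, caller_projects, existing_projects):
    """Return rejection reasons; an empty list means the whole batch may be created."""
    docs = [parse_doc(d) for d in split_documents(payload)]
    new_projects = {d.get("name") for d in docs if d["kind"] == "Project"}  # owned by the caller
    errors = []
    for d in docs:
        kind, name, ns = d["kind"], d.get("name", ""), d.get("namespace")
        if kind not in ALLOWED_KINDS:
            errors.append(f"kind {kind!r} is not allowed in a batch")
        elif kind == "Project":
            if name in existing_projects:
                errors.append(f"project {name!r} already exists")
        elif ns is None:
            errors.append(f"{kind} {name!r} has no namespace")
        elif ns not in new_projects and ns not in caller_projects:
            errors.append(f"{kind} {name!r} targets {ns!r}, which the caller may not write to")
    return errors
```

Running validate_batch(SAMPLE_BATCH, set(), {"other-team"}) rejects the Stage and the ConfigMap aimed at "other-team" while accepting the new Project and its own Stage.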

Exploit · Fix · RCE · Incorrect Authorization

Weakness Enumeration

Related Identifiers

CVE-2026-27112
GHSA-7G9X-CP9G-92MR
GO-2026-4516
SUSE-SU-2026:0757-1

Affected Products

Kargo