PT-2026-31659 · Unknown · Clickhouseuser

Published: 2026-04-09 · Updated: 2026-05-13 · CVE-2026-39961

CVSS v3.1: 6.8 (Medium)

Vector: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Aiven Operator versions 0.31.0 through 0.36.9

Description: Aiven Operator allows provisioning and management of Aiven Services from a Kubernetes cluster. A developer with create permission on ClickhouseUser Custom Resource Definitions (CRDs) in their own namespace can exfiltrate secrets from any other namespace – production database credentials, API keys, service tokens – with a single kubectl apply. The operator reads the victim's secret using its ClusterRole and writes the password into a new secret in the attacker's namespace. The operator acts as a confused deputy, trusting user-supplied namespace values in spec.connInfoSecretSource.namespace without validation. No admission webhook enforces this boundary.

Recommendations: Update to Aiven Operator version 0.37.0 or later.
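Until the upgrade is rolled out, a cluster operator will want to know whether any existing ClickhouseUser object already points its secret source at a foreign namespace, and to have the same boundary check available for an admission hook. The Go program below is an added example, not part of this advisory or of the Aiven Operator code base. It decodes the JSON list that `kubectl get clickhouseusers -A -o json` returns (the resource plural and the exact CRD schema are assumptions; only `metadata.namespace` and the `spec.connInfoSecretSource.namespace` field named in the advisory are read) and reports every object whose source namespace differs from the namespace the object lives in. The sample list embedded in `main` is constructed for the example.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// clickhouseUser is a minimal projection of a ClickhouseUser object. Field
// names follow the advisory (spec.connInfoSecretSource.namespace); the full
// Aiven CRD schema is not reproduced and is assumed here.
type clickhouseUser struct {
	Metadata struct {
		Name      string `json:"name"`
		Namespace string `json:"namespace"`
	} `json:"metadata"`
	Spec struct {
		ConnInfoSecretSource *struct {
			Name      string `json:"name"`
			Namespace string `json:"namespace"`
		} `json:"connInfoSecretSource"`
	} `json:"spec"`
}

// userList matches the shape of `kubectl get ... -o json` (a List with items).
type userList struct {
	Items []clickhouseUser `json:"items"`
}

// Finding describes one object whose secret source lies outside its own namespace.
type Finding struct {
	Object          string // namespace/name of the ClickhouseUser
	SourceNamespace string // namespace the operator would read the secret from
}

// crossNamespace reports whether the object asks the operator to read a
// secret from a namespace other than its own. An absent or empty source
// namespace defaults to the object's namespace and is treated as in-bounds.
func crossNamespace(u clickhouseUser) (string, bool) {
	src := u.Spec.ConnInfoSecretSource
	if src == nil || src.Namespace == "" || src.Namespace == u.Metadata.Namespace {
		return "", false
	}
	return src.Namespace, true
}

// CrossNamespaceSources audits a decoded list and returns every offending object.
func CrossNamespaceSources(listJSON []byte) ([]Finding, error) {
	var list userList
	if err := json.Unmarshal(listJSON, &list); err != nil {
		return nil, fmt.Errorf("decoding list: %w", err)
	}
	var findings []Finding
	for _, u := range list.Items {
		if ns, bad := crossNamespace(u); bad {
			findings = append(findings, Finding{
				Object:          u.Metadata.Namespace + "/" + u.Metadata.Name,
				SourceNamespace: ns,
			})
		}
	}
	return findings, nil
}

// ValidateObject applies the same check to a single object, as an admission
// webhook would. It returns an empty string when the object may be admitted
// and a rejection message otherwise.
func ValidateObject(objectJSON []byte) (string, error) {
	var u clickhouseUser
	if err := json.Unmarshal(objectJSON, &u); err != nil {
		return "", fmt.Errorf("decoding object: %w", err)
	}
	if ns, bad := crossNamespace(u); bad {
		return fmt.Sprintf("spec.connInfoSecretSource.namespace %q must equal the object's namespace %q",
			ns, u.Metadata.Namespace), nil
	}
	return "", nil
}

// SampleList is a constructed kubectl-style list: one in-namespace reference,
// one cross-namespace reference, one object with no secret source at all.
const SampleList = `{"items":[
  {"metadata":{"name":"app-user","namespace":"dev"},
   "spec":{"connInfoSecretSource":{"name":"ch-pass","namespace":"dev"}}},
  {"metadata":{"name":"prod-user","namespace":"dev"},
   "spec":{"connInfoSecretSource":{"name":"db-creds","namespace":"production"}}},
  {"metadata":{"name":"no-source","namespace":"team-b"},"spec":{}}
]}`

func main() {
	findings, err := CrossNamespaceSources([]byte(SampleList))
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("%s reads secrets from namespace %s\n", f.Object, f.SourceNamespace)
	}
}
```

To run the audit against a live cluster, pipe the output of `kubectl get clickhouseusers -A -o json` into `CrossNamespaceSources`; any finding is a cross-namespace reference that the vulnerable operator versions would honour. `ValidateObject` carries the same rule for a validating webhook or as a sanity check on manifests before they are applied.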

Fix

Weakness Enumeration: Improper Privilege Management

Related Identifiers

CVE-2026-39961
GHSA-99J8-WV67-4C72

Affected Products

Aiven-Operator
Clickhouseuser
Kubernetes