PT-2026-33165 · Kubevirt · Kubevirt

Published: 2026-04-15 · Updated: 2026-04-16 · CVE-2026-6383

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

KubeVirt (affected versions not specified)

Description

A flaw exists in the Role-Based Access Control (RBAC) evaluation logic where the authorization mechanism improperly truncates subresource names. This leads to incorrect permission evaluations, allowing authenticated users with specific custom roles to gain unauthorized access to subresources. This may result in the disclosure of sensitive information or the execution of unauthorized actions. Furthermore, legitimate users may be denied access to resources.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Authorization

Weakness Enumeration

Related Identifiers

CVE-2026-6383
GHSA-J6CV-3W8P-VRG8

Affected Products

Kubevirt