CVE-2026-10533

Name of the Vulnerable Software and Affected Versions OpenShift Container Platform (affected versions not specified)

Description A flaw exists where completed pods with restartPolicy: Never are not counted toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user with permissions to create pods in a namespace can exploit this to generate a high volume of events. These events accumulate in etcd (a distributed key-value store used for cluster data), leading to performance degradation of the API server across the entire cluster.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.