PT-2026-56680 · Nuclio · Nuclio

CVE-2026-52831

·

Published

2026-07-08

·

Updated

2026-07-08

CVSS v3.1

10

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Nuclio versions prior to 1.16.4
Description Nuclio contains an OS command injection issue where the controller constructs a curl invocation string for cron triggers and executes it via /bin/sh -c within a Kubernetes CronJob container. This occurs because two fields in the trigger specification are not adequately sanitized:
  1. The event.headers keys are interpolated verbatim into --header arguments. A key containing double quotes can break the quoting context, allowing the injection of arbitrary shell commands.
  2. The event.body is processed using strconv.Quote, which fails to escape $(), enabling command substitution.
An attacker with network access to the Dashboard API can execute arbitrary shell commands as root within the CronJob pod. This can lead to the exfiltration of the Kubernetes ServiceAccount token, enabling enumeration of API resources or lateral movement within the cluster and cloud environment. Additionally, because the created CronJobs lack ownerReferences, they are not automatically garbage-collected, potentially allowing a persistent backdoor to remain active even after the source function is deleted.
Recommendations Update Nuclio to version 1.16.4. As a temporary workaround, restrict access to the Nuclio Dashboard port 8070 to trusted networks or place it behind an authenticated reverse proxy. As a temporary workaround, avoid creating functions that use kind: cron triggers. As a temporary workaround, remove the batch API group permission from the Nuclio controller ServiceAccount to prevent the creation of CronJobs.

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-52831
GHSA-V5PX-423J-PF7P

Affected Products

Nuclio