Description

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially amplify string data through context variables. Versions 1.16.3 and 1.15.3 contain a patch for the vulnerability.

INFO

Published Date :

2026-01-27T16:10:44.376Z

Last Modified :

2026-01-27T16:33:03.342Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23881 vulnerability.

Vendors Products
Kyverno
  • Kyverno
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23881.

URL Resource
https://github.com/kyverno/kyverno/commit/7a651be3a8c78dcabfbf4178b8d89026bf3b850f cve-icon cve-icon
https://github.com/kyverno/kyverno/commit/f5617f60920568a301740485472bf704892175b7 cve-icon cve-icon
https://github.com/kyverno/kyverno/security/advisories/GHSA-r2rj-wwm5-x6mq cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact