CVE Catalog

CVE-2026-1784

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.15%

5th percentile - higher than 5% of all known CVEs

Summary

A vulnerability in the Route resource of OpenShift allows uncontrolled modification of HAProxy configuration due to insufficient validation of the spec.path field in a Route document. An attacker can inject malicious configuration, leading to network traffic hijacking.

Risk Assessment

The organization is at risk of traffic interception or redirection to vulnerable subdomains, potentially resulting in data leakage or service integrity compromise.

Recommendation

Immediately update OpenShift to a patched version and implement additional validation mechanisms for Route definitions, such as security policy rules.

Original NVD description (English source)

The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was insufficient and could allow a controlled injection of the HAProxy configuration.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS