CVE-2026-5142
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk19th percentile — higher than 19% of all known CVEs
Summary
A flaw was found in Foreman where authenticated users with 'view_keypairs' permission can bypass taxonomy scoping, allowing them to download private SSH keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant deployments.
Risk Assessment
The risk involves potential leakage of sensitive SSH keys in multi-tenant environments, which could allow an attacker to access systems and data of other organizations, compromising security and confidentiality.
Recommendation
It is recommended to immediately update Foreman to a patched version that fixes this vulnerability and review the 'view_keypairs' permission configuration to restrict access only to necessary users.
Original NVD description (English source)
A flaw was found in foreman. Authenticated users with 'view_keypairs' permission can bypass taxonomy scoping, allowing them to download private SSH (Secure Shell) keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant deployments, potentially compromising sensitive information.

