CVE-2026-50566 - Vulnerability Details

- Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation

Description

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a tenant with environments.fission.io create/update RBAC can run privileged / allowPrivilegeEscalation / dangerous-capability containers in the Fission function or builder namespace, scheduled under the executor's high-privilege service account — enabling container-sandbox escape, host filesystem and network access, and potential node- and cluster-level compromise. This issue has been patched in version 1.24.0.

Published: 2026-06-10

Score: 9.9 Critical

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

Fission, a Kubernetes-native serverless framework, allowed a tenant with environments.fission.io create/update RBAC to specify privileged containers—including setting allowPrivilegeEscalation and dangerous capabilities—in functions or builders. The executor’s high‑privilege service account would then launch these containers, bypassing the typical container sandbox. The result is a container‑sandbox escape that can grant access to the node’s filesystem, network, and potentially the entire cluster, enabling a full compromise of the infrastructure.

Affected Systems

Any installation of Fission prior to version 1.24.0 that permits tenants to create or update environments. Attacks apply to the function and builder namespaces where privileged containers may be run; the issue is not limited to a single host or user.

Risk and Exploitability

The CVSS score of 9.9 marks this as a critical vulnerability. The EPSS score is not available, so the current likelihood of exploitation is unclear, but the severity of the impact is high. It is not listed in CISA KEV, indicating no public exploit has been documented yet. An attacker would likely need to orchestrate privileged container creation through the tenant’s RBAC permissions, a step that requires prior access or compromise of tenant privileges. Once achieved, the attacker can escape the sandbox and gain host‑level or cluster‑level control.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

fission

affected

Version	Status	Constraints
`< 1.24.0`	affected	—

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade Fission to version 1.24.0 or newer
Reduce or remove the environments.fission.io create/update RBAC from tenants to disallow privileged containers or capability escalation
Enforce restrictive run‑time security policies such as setting allowPrivilegeEscalation to false, read‑only root filesystem, and limiting capabilities via PodSecurityPolicy or Kube‑PSA

Generated by OpenCVE AI on June 10, 2026 at 19:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://github.com/fission/fission/pull/3406
https://github.com/fission/fission/releases/tag/v1.24.0
https://github.com/fission/fission/security/advisories/GHSA-m63v-2g9w-2w6v

History

Wed, 10 Jun 2026 18:15:00 +0000

Type	Values Removed	Values Added
Description		Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a tenant with environments.fission.io create/update RBAC can run privileged / allowPrivilegeEscalation / dangerous-capability containers in the Fission function or builder namespace, scheduled under the executor's high-privilege service account — enabling container-sandbox escape, host filesystem and network access, and potential node- and cluster-level compromise. This issue has been patched in version 1.24.0.
Title		Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation
Weaknesses		CWE-250 CWE-269
References		https://github.com/fission/fission/pull/3406 https://github.com/fission/fission/releases/tag/v1.24.0 https://github.com/fission/fission/security/advisories/GHSA-m63v-2g9w-2w6v
Metrics		cvssV3_1 `{'score': 9.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}`

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-06-10T17:29:35.349Z

Updated: 2026-06-10T18:20:58.026Z

Reserved: 2026-06-04T21:34:34.426Z

Link: CVE-2026-50566

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2026-06-10T18:17:13.040

Modified: 2026-06-10T19:37:41.437

Link: CVE-2026-50566

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-10T19:45:39Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object