CVE-2026-27112
Kargo manages and automates the promotion of software artifacts. From 1.7.0 to before v1.7.8, v1.8.11, and v1.9.3, the batch resource creation endpoints of both Kargo's legacy gRPC API and its newer REST API accept multi-document YAML payloads. A specially crafted payload can trigger a bug present in the logic of both endpoints and inject arbitrary resources (of specific types only) into the underlying namespace of an existing Project, using the API server's own permissions, even though that behavior was never intended. Critically, an attacker may exploit this to elevate their own permissions, which can then be leveraged to achieve remote code execution or secret exfiltration. Exfiltrated artifact repository credentials can be leveraged, in turn, to execute further attacks. In some configurations of the Kargo control plane's underlying Kubernetes cluster, the elevated permissions may additionally be leveraged to achieve remote code execution or secret exfiltration using kubectl; this reduces the complexity of the attack, but the worst-case scenarios remain entirely achievable without it. This vulnerability is fixed in v1.7.8, v1.8.11, and v1.9.3.
EPSS 0.27% · 51.1st percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | akuity/kargo | 1.9.0-rc.1, 1.8.0-rc.1, 1.9.0-rc.1 |
| akuity | kargo | >= 1.9.0-rc.1, < 1.9.3, >= 1.8.0-rc.1, < 1.8.11, >= 1.7.0, < 1.7.8 |
Timeline
- Feb 19, 2026 CVE Published
- Feb 21, 2026 EPSS Score
- Feb 21, 2026 PoC Published
- Feb 21, 2026 PoC Published
- Feb 23, 2026 CVE Updated
- Feb 23, 2026 EPSS Score
- Feb 24, 2026 EPSS Score
- Feb 26, 2026 EPSS Score
- Feb 27, 2026 EPSS Score
- Mar 1, 2026 EPSS Score
- Mar 3, 2026 EPSS Score
- Mar 4, 2026 EPSS Score