PatchSiren cyber security CVE debrief
CVE-2026-5483 Red Hat CVE debrief
CVE-2026-5483 is a high-severity vulnerability in the odh-dashboard component of Red Hat OpenShift AI (RHOAI). The flaw allows for the disclosure of Kubernetes Service Account tokens through a NodeJS endpoint, potentially enabling an attacker to gain unauthorized access to Kubernetes resources. The vulnerability has a CVSS score of 8.5 and is considered HIGH severity. Red Hat has released advisories and patches to address this issue. Affected versions include OpenShift AI 2.16, 2.25, 3.2, and 3.3. Users should apply the necessary patches to mitigate this vulnerability.
- Vendor: Red Hat
- Product: Red Hat OpenShift AI 2.16
- CVSS: HIGH 8.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-04-10
- Original CVE updated: 2026-06-30
- Advisory published: 2026-04-10
- Advisory updated: 2026-06-30
Who should care
This vulnerability affects users of Red Hat OpenShift AI, particularly those using versions 2.16, 2.25, 3.2, and 3.3. Kubernetes administrators and security teams should assess their exposure and apply patches or mitigations as needed. The vulnerability's high severity and potential impact on Kubernetes resource access make it a priority for organizations using affected OpenShift AI versions.
Technical summary
The CVE-2026-5483 vulnerability is caused by a flaw in the odh-dashboard component of Red Hat OpenShift AI. Specifically, it allows for the disclosure of Kubernetes Service Account tokens through a NodeJS endpoint. This could enable an attacker to gain unauthorized access to Kubernetes resources. The vulnerability's CVSS vector is CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H, indicating a high severity level. The Common Weakness Enumeration (CWE) associated with this vulnerability is CWE-201.
Defensive priority
- Apply patches: Red Hat has released advisories (RHSA-2026:7397, RHSA-2026:7398, RHSA-2026:7403, RHSA-2026:7404), and users should apply them as soon as possible.
- Inventory and prioritize: Ensure an accurate inventory of OpenShift AI deployments, focusing on affected versions (2.16, 2.25, 3.2, 3.3).
Recommended defensive actions
- Apply patches from Red Hat advisories (RHSA-2026:7397, RHSA-2026:7398, RHSA-2026:7403, RHSA-2026:7404) to affected OpenShift AI versions.
- Conduct an inventory of OpenShift AI deployments to identify potentially affected versions (2.16, 2.25, 3.2, 3.3).
- Prioritize patching based on deployment criticality and exposure.
- Monitor for unusual Kubernetes activity that may indicate exploitation attempts.
- Implement compensating controls such as additional authentication mechanisms for Kubernetes resources.
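One way to act on the monitoring item above, as an added example that is not from Red Hat or the original page: a Python pass over Kubernetes API audit events that flags a watched service account's token being used from outside the pod network, for calls outside its baseline, or in denied requests. The service account name, pod CIDR, baseline and sample events are constructed assumptions to replace with values from your own cluster.

```python
import ipaddress
import json

# Assumptions (placeholders, not taken from the advisory): the service account
# identity to watch, the cluster pod network, and its normal API usage.
WATCHED_SA = "system:serviceaccount:example-ns:example-dashboard-sa"
POD_CIDR = ipaddress.ip_network("10.128.0.0/14")
BASELINE = {("get", "configmaps"), ("list", "configmaps"), ("list", "namespaces")}

# Constructed sample audit events (audit.k8s.io/v1 field names), one JSON object per line.
SAMPLE_AUDIT_LOG = """\
{"auditID":"a1","verb":"list","user":{"username":"system:serviceaccount:example-ns:example-dashboard-sa"},"sourceIPs":["10.128.2.15"],"objectRef":{"resource":"namespaces"},"responseStatus":{"code":200}}
{"auditID":"a2","verb":"get","user":{"username":"system:serviceaccount:example-ns:example-dashboard-sa"},"sourceIPs":["203.0.113.7"],"objectRef":{"resource":"configmaps"},"responseStatus":{"code":200}}
{"auditID":"a3","verb":"list","user":{"username":"system:serviceaccount:example-ns:example-dashboard-sa"},"sourceIPs":["10.129.0.4"],"objectRef":{"resource":"secrets"},"responseStatus":{"code":403}}
{"auditID":"a4","verb":"list","user":{"username":"alice"},"sourceIPs":["198.51.100.9"],"objectRef":{"resource":"secrets"},"responseStatus":{"code":200}}
"""

def review_event(event):
    """Return the reasons this event deviates from the watched account's baseline."""
    if event.get("user", {}).get("username") != WATCHED_SA:
        return []
    reasons = []
    for ip in event.get("sourceIPs", []):
        if ipaddress.ip_address(ip) not in POD_CIDR:
            reasons.append(f"token used from outside pod network: {ip}")
    verb = event.get("verb")
    resource = event.get("objectRef", {}).get("resource")
    if (verb, resource) not in BASELINE:
        reasons.append(f"unbaselined call: {verb} {resource}")
    if event.get("responseStatus", {}).get("code") == 403:
        reasons.append("denied request (possible permission probing)")
    return reasons

def scan(log_text):
    """Map auditID -> reasons for every flagged event in a JSON-lines audit log."""
    findings = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        reasons = review_event(event)
        if reasons:
            findings[event["auditID"]] = reasons
    return findings

if __name__ == "__main__":
    for audit_id, reasons in scan(SAMPLE_AUDIT_LOG).items():
        print(audit_id, reasons)
```
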
Evidence notes
The CVE-2026-5483 vulnerability was publicly disclosed on April 10, 2026, and last modified on June 30, 2026. The vulnerability affects multiple versions of Red Hat OpenShift AI. Red Hat has provided several advisories and patches to address this issue. The CVSS score of 8.5 indicates high severity. The CWE associated with this vulnerability is CWE-201.
Official resources
- CVE-2026-5483 CVE record (CVE.org)
- CVE-2026-5483 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: Vendor Advisory
- Mitigation or vendor reference: Vendor Advisory
- Mitigation or vendor reference: Vendor Advisory
- Mitigation or vendor reference: Vendor Advisory
- Mitigation or vendor reference: Vendor Advisory
- Mitigation or vendor reference: Issue Tracking, Vendor Advisory
- Source reference: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
This article is AI-assisted and based on the supplied source corpus.