PatchSiren cyber security CVE debrief

CVE-2026-41184 Tigera CVE debrief

A vulnerability in Calico's install-cni init container causes Kubernetes ServiceAccount bearer tokens to be logged to standard output when the CNI configuration template uses the __SERVICEACCOUNT_TOKEN__ placeholder. This affects Canal/Flannel-Calico deployments. The logged token grants patch privileges on pods/status, which can be exploited by any authenticated user with pods/log permission in the calico-node namespace to conduct annotation-based attacks against cluster workloads. The default kubeconfig-based authentication path is not affected. This vulnerability is a direct regression of TTA-2018-001.

Vendor
Tigera
Product
Calico
CVSS
MEDIUM 6
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-28
Original CVE updated
2026-05-28
Advisory published
2026-05-28
Advisory updated
2026-05-28

Who should care

Kubernetes platform operators running Calico, Canal, or Flannel-Calico CNI plugins; security teams managing pod logging permissions; cluster administrators using __SERVICEACCOUNT_TOKEN__ authentication patterns

Technical summary

The install-cni init container in Calico logs its rendered CNI configuration to stdout for debugging purposes. When deployed in Canal or Flannel-Calico configurations that use the __SERVICEACCOUNT_TOKEN__ placeholder, the installer substitutes the live Kubernetes ServiceAccount bearer token into the configuration before logging occurs. This exposes the token to any principal with pods/log read access in the namespace containing calico-node. The exposed token carries patch privileges on pods/status, enabling attackers to modify workload annotations. The vulnerability does not affect deployments using the default kubeconfig-based authentication path. This represents a regression of previously addressed issue TTA-2018-001.

Defensive priority

medium

Recommended defensive actions

  • Review Calico/Canal deployments for use of __SERVICEACCOUNT_TOKEN__ placeholder in CNI configuration templates
  • Audit namespace-level pods/log permissions to identify overprivileged accounts
  • Apply patches from referenced pull requests when available
  • Monitor Tigera security bulletin TTA-2026-001 for official remediation guidance
  • Consider log sanitization controls for init container output as defense in depth
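The following is an added example illustrating the failure mode in the technical summary and the last defensive action above; it is not Calico's or Tigera's code. It models a CNI config template that carries the __SERVICEACCOUNT_TOKEN__ placeholder, shows the unsafe path (substitute the token, then log the rendered config verbatim) beside a hardened path that scrubs secret-bearing keys and JWT-shaped values before anything reaches stdout, and includes the audit check an operator would run against their own templates. The JSON layout, the `k8s_auth_token` field name, the assumption that the token is a three-segment JWT, and the token value itself are all constructed for the example.

```python
import json
import re

# Constructed sample template of the kind the debrief describes; the field
# name k8s_auth_token and the layout are assumptions, not Calico's schema.
TEMPLATE = json.dumps({
    "name": "k8s-pod-network",
    "cniVersion": "0.3.1",
    "plugins": [{
        "type": "calico",
        "kubernetes": {
            "k8s_api_root": "https://10.96.0.1:443",
            "k8s_auth_token": "__SERVICEACCOUNT_TOKEN__",
        },
    }],
})

# Constructed fake token: three base64url segments shaped like a JWT, no real claims.
FAKE_TOKEN = "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJjYWxpY28tbm9kZSJ9.c2lnbmF0dXJl"

PLACEHOLDER = "__SERVICEACCOUNT_TOKEN__"
# Matches JWT-shaped values: three base64url segments of at least 10 chars each.
JWT_RE = re.compile(r"\b[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b")
# Keys whose values should never be logged, whatever their shape.
SECRET_KEY_RE = re.compile(r"token|password|secret", re.IGNORECASE)


def template_uses_token_placeholder(template: str) -> bool:
    """Audit check: does this template embed the ServiceAccount token directly?"""
    return PLACEHOLDER in template


def render(template: str, token: str) -> str:
    """What the installer does: substitute the live token into the config text."""
    return template.replace(PLACEHOLDER, token)


def redact(rendered: str) -> str:
    """Hardened logging path. If the text parses as JSON, values under secret-like
    keys are replaced structurally; a regex pass then catches any JWT-shaped value
    that survived (for example inside non-JSON text or under an unexpected key)."""
    def scrub(node):
        if isinstance(node, dict):
            return {k: ("[REDACTED]" if SECRET_KEY_RE.search(k) else scrub(v))
                    for k, v in node.items()}
        if isinstance(node, list):
            return [scrub(v) for v in node]
        return node

    try:
        text = json.dumps(scrub(json.loads(rendered)))
    except ValueError:
        text = rendered
    return JWT_RE.sub("[REDACTED]", text)


def log_unsafe(rendered: str) -> str:
    """The vulnerable behaviour: the rendered config, token included, goes to stdout."""
    print(rendered)
    return rendered


def log_hardened(rendered: str) -> str:
    """Defence in depth: sanitize before logging so pods/log readers see no token."""
    safe = redact(rendered)
    print(safe)
    return safe


if __name__ == "__main__":
    print("template embeds SA token:", template_uses_token_placeholder(TEMPLATE))
    rendered = render(TEMPLATE, FAKE_TOKEN)
    print("--- unsafe log line (token present:", FAKE_TOKEN in rendered, ") ---")
    log_unsafe(rendered)
    safe = log_hardened(rendered)
    print("--- hardened log line (token present:", FAKE_TOKEN in safe, ") ---")
```

The structural pass is the important one: redacting by key name works regardless of what the secret looks like, while the regex pass is only a backstop for values that fall outside the expected schema. Running `template_uses_token_placeholder` over the installed CNI templates is the quickest way to confirm whether a deployment is on the affected configuration path rather than the default kubeconfig path.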

Evidence notes

The vulnerability was disclosed via NVD on 2026-05-28 with status 'Undergoing Analysis'. Tigera's security bulletin TTA-2026-001 confirms this is a regression of TTA-2018-001. Three pull requests (12502, 12526, 12527) are referenced as remediation. The CVSS 4.0 vector indicates network attack vector with low attack complexity, requiring low privileges and no user interaction, with high confidentiality impact to the vulnerable component.

Official resources

2026-05-28