PatchSiren

cert-manager CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH cert-manager CVE published 2026-07-16

CVE-2026-62290

The CVE-2026-62290 vulnerability affects cert-manager, a tool that adds certificates and certificate issuers as resource types in Kubernetes clusters. The vulnerability allows namespace users to create Challenge resources without admission validation, potentially leading to the misuse of ClusterIssuer DNS credentials. This issue has a high CVSS score of 7.3 and is classified as HIGH severity. Users of cer [truncated]