CVE-2026-10840
Openshift-pipelines-operator-rh: openshift-pipelines-operator: tekton-scheduler-rolebinding grants system:authenticated write access to kueue and cert-manager resources
CVSS Score
7.1
EPSS Score
0.0%
EPSS Percentile
6th
A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and cert-manager custom resources via the tekton-scheduler-role ClusterRole. When Kueue or cert-manager CRDs are present on the cluster, any authenticated user can disrupt workload scheduling, tamper with scheduling priorities, delete other tenants' Workload objects, or induce cert-manager to overwrite TLS Secrets including the default ingress controller certificate.
| CWE | CWE-732 |
| Vendor | red hat |
| Product | builds for red hat openshift |
| Published | Jun 4, 2026 |
| Last Updated | Jun 9, 2026 |
Stay Ahead of the Next One
Get instant alerts for red hat builds for red hat openshift
Be the first to know when new high vulnerabilities affecting red hat builds for red hat openshift are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
High
Affected Versions
Red Hat / Builds for Red Hat OpenShift
All versions affected Red Hat / OpenShift Pipelines
All versions affected Red Hat / OpenShift Pipelines
All versions affected Red Hat / OpenShift Pipelines
All versions affected Red Hat / OpenShift Pipelines
All versions affected Red Hat / OpenShift Pipelines
All versions affected Red Hat / OpenShift Pipelines
All versions affected References
Credits
Red Hat would like to thank Christopher Lusk (North Echo Security Research) for reporting this issue.