CVE-2026-24005

UNKNOWN 0.0

OpenKruise PodProbeMarker is Vulnerable to SSRF via Unrestricted Host Field

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Kruise provides automated management of large-scale applications on Kubernetes. Prior to versions 1.8.3 and 1.7.5, PodProbeMarker allows defining custom probes with TCPSocket or HTTPGet handlers. The webhook validation does not restrict the Host field in these probe configurations. Since kruise-daemon runs with hostNetwork=true, it executes probes from the node network namespace. An attacker with PodProbeMarker creation permission can specify arbitrary Host values to trigger SSRF from the node, perform port scanning, and receive response feedback through NodePodProbe status messages. Versions 1.8.3 and 1.7.5 patch the issue.

CWE	CWE-918
Vendor	openkruise
Product	kruise
Published	Feb 25, 2026
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for openkruise kruise

Be the first to know when new unknown vulnerabilities affecting openkruise kruise are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

None

Affected Versions

openkruise / kruise

>= 1.8.0, < 1.8.3 < 1.7.5

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/openkruise/kruise/security/advisories/GHSA-9fj4-3849-rv9g github.com: https://github.com/openkruise/kruise/commit/94364b76adf3e8a1749a31afe809a163bed29613 github.com: https://github.com/openkruise/kruise/releases/tag/v1.7.5 github.com: https://github.com/openkruise/kruise/releases/tag/v1.8.3