CVE-2026-5483
Odh-dashboard: odh dashboard kubernetes service account exposure
A flaw was found in odh-dashboard in Red Hat Openshift AI. This vulnerability in the `odh-dashboard` component of Red Hat OpenShift AI (RHOAI) allows for the disclosure of Kubernetes Service Account tokens through a NodeJS endpoint. This could enable an attacker to gain unauthorized access to Kubernetes resources.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Produtos afetados
Red Hat · Red Hat OpenShift AI 2.16Red Hat · Red Hat OpenShift AI 2.25Red Hat · Red Hat OpenShift AI 3.2Red Hat · Red Hat OpenShift AI 3.3Red Hat · Red Hat OpenShift AI (RHOAI)Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHSA-2026:7397https://access.redhat.com/errata/RHSA-2026:7398https://access.redhat.com/errata/RHSA-2026:7403https://access.redhat.com/errata/RHSA-2026:7404https://access.redhat.com/security/cve/CVE-2026-5483https://bugzilla.redhat.com/show_bug.cgi?id=2454764