CVE-2026-50545 Overview
CVE-2026-50545 is a privilege escalation vulnerability in Fission, an open-source Kubernetes-native serverless framework. The flaw affects all Fission releases prior to version 1.24.0. The Environment.spec.runtime.podSpec and spec.builder.podSpec passthrough fields lacked validation, and the MergePodSpec function propagated dangerous fields into generated pods. Authenticated users with permission to create or modify Fission Environment resources can inject arbitrary pod specifications. This enables container breakout, host access, and cluster-wide privilege escalation. The maintainers patched the issue in Fission v1.24.0. The vulnerability is tracked as CWE-269: Improper Privilege Management.
Critical Impact
Authenticated tenants can inject privileged pod specifications through Fission Environment objects, escalating from namespace-scoped access to full cluster compromise.
Affected Products
- Fission versions prior to 1.24.0
- Fission Environment controller (spec.runtime.podSpec)
- Fission Environment controller (spec.builder.podSpec)
Discovery Timeline
- 2026-06-10 - CVE-2026-50545 published to NVD
- 2026-06-10 - Last updated in NVD database
Technical Details for CVE-2026-50545
Vulnerability Analysis
Fission lets users define Environment custom resources that describe runtime and builder containers. Each Environment includes optional podSpec fields used to customize the underlying Kubernetes pod. Prior to v1.24.0, Fission's MergePodSpec helper copied user-supplied pod specifications directly into the controller-generated pods without filtering sensitive fields. Attackers with rights to create or update Environment objects can set fields such as hostPID, hostNetwork, hostPath volumes, privileged: true security contexts, custom serviceAccountName values, or nodeSelector and tolerations that pin pods onto control-plane nodes. The resulting pod inherits these dangerous attributes when the Fission executor reconciles the Environment. This converts a constrained namespace-scoped role into the effective permissions of the Fission service account, often cluster-admin. The flaw maps to CWE-269 and produces a scope change because the privileges of the spawned pod exceed those of the requesting principal.
Root Cause
The root cause is missing input validation in the Environment admission and reconcile path. MergePodSpec performed a structural merge instead of an allow-list filter. Fission trusted the controller boundary and did not reject security-sensitive fields supplied by tenants.
Attack Vector
An attacker authenticates to the Kubernetes API with permission to create or modify Fission Environment resources in any namespace they control. They submit an Environment manifest containing a podSpec with privileged settings or host mounts. When Fission spawns the runtime or builder pod, it applies the attacker-controlled spec and runs it under the Fission executor's service account. The attacker then executes code inside the privileged pod and pivots to the host or other workloads.
No verified public exploit code is available. See the GitHub Security Advisory GHSA-wmgg-3p4h-48x7 for technical details.
Detection Methods for CVE-2026-50545
Indicators of Compromise
- Fission Environment objects containing podSpec fields with privileged: true, hostPID: true, hostNetwork: true, or hostPath volume mounts.
- Pods created by the Fission executor running with non-default serviceAccountName values or scheduled onto control-plane nodes.
- Unexpected exec or attach API calls against Fission-managed pods in the fission-function or fission-builder namespaces.
Detection Strategies
- Audit all Environment custom resources for the presence of spec.runtime.podSpec or spec.builder.podSpec fields and review their contents.
- Enable Kubernetes audit logging on environments.fission.io create and update verbs, and alert on tenants modifying these resources.
- Apply Pod Security Admission in restricted or baseline mode on Fission namespaces to surface and block non-conforming pods at admission time.
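The audit in the first strategy above can be scripted. The following is an added example, not code from Fission or the advisory: it checks each Environment's runtime and builder podSpec for the fields this page lists as dangerous. The sample data and the function names podspec_findings and audit_environments are constructed for illustration.

```python
import json

# Pod-level fields this advisory names as dangerous in a passthrough podSpec.
BOOL_FLAGS = ("hostPID", "hostNetwork")
SET_FIELDS = ("serviceAccountName", "nodeSelector", "tolerations")

def podspec_findings(pod_spec):
    """Return the risky settings present in one podSpec dict."""
    found = [f for f in BOOL_FLAGS if pod_spec.get(f) is True]
    found += [f for f in SET_FIELDS if pod_spec.get(f)]
    for vol in pod_spec.get("volumes") or []:
        if "hostPath" in vol:
            found.append("hostPath:" + str((vol["hostPath"] or {}).get("path")))
    # In the Kubernetes API, privileged is set per container.
    for key in ("containers", "initContainers"):
        for ctr in pod_spec.get(key) or []:
            if (ctr.get("securityContext") or {}).get("privileged") is True:
                found.append("privileged:" + str(ctr.get("name")))
    return found

def audit_environments(env_list):
    """Map 'namespace/name' to findings for every flagged Environment."""
    report = {}
    for env in env_list.get("items") or []:
        meta = env.get("metadata") or {}
        found = []
        for role in ("runtime", "builder"):
            spec = ((env.get("spec") or {}).get(role) or {}).get("podSpec")
            if spec:
                found += [f"{role}.{item}" for item in podspec_findings(spec)]
        if found:
            report[f"{meta.get('namespace')}/{meta.get('name')}"] = found
    return report

# Constructed sample in the shape of `kubectl get environments.fission.io -A -o json`.
SAMPLE = {"items": [
    {"metadata": {"namespace": "team-a", "name": "python"},
     "spec": {"runtime": {"image": "example/python-env"}}},
    {"metadata": {"namespace": "team-b", "name": "node"},
     "spec": {
         "runtime": {"podSpec": {"hostPID": True, "containers": [
             {"name": "node", "securityContext": {"privileged": True}}]}},
         "builder": {"podSpec": {"serviceAccountName": "custom-sa", "volumes": [
             {"name": "host", "hostPath": {"path": "/"}}]}}}},
]}

if __name__ == "__main__":
    print(json.dumps(audit_environments(SAMPLE), indent=2))
```

To run it against a cluster, replace SAMPLE with the parsed JSON output of kubectl get environments.fission.io -A -o json.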
Monitoring Recommendations
- Ingest Kubernetes audit logs and container runtime telemetry into a centralized analytics platform for correlation across the cluster.
- Monitor Fission executor pods for runtime anomalies such as new processes, host filesystem access, and outbound network traffic to unexpected destinations.
- Track changes to Fission ClusterRoleBindings and service accounts to detect post-exploitation persistence.
How to Mitigate CVE-2026-50545
Immediate Actions Required
- Upgrade Fission to version 1.24.0 or later in every cluster that runs the platform.
- Inventory existing Environment resources and remove any unauthorized podSpec content before upgrading.
- Restrict RBAC permissions on environments.fission.io to a small set of trusted operators.
Patch Information
The vulnerability is fixed in Fission v1.24.0. The fix lands in pull request #3390 and pull request #3391, which add validation to MergePodSpec and reject dangerous fields. Refer to the GitHub Security Advisory GHSA-wmgg-3p4h-48x7 for the full vendor advisory.
Workarounds
- Enforce Pod Security Admission in restricted mode on Fission namespaces to block privileged pods even if a malicious Environment is created.
- Deploy an admission controller policy (OPA Gatekeeper or Kyverno) that rejects Environment resources containing podSpec.securityContext.privileged, hostPID, hostNetwork, hostPath, or custom serviceAccountName fields.
- Limit create and update verbs on environments.fission.io to platform administrators through namespaced RBAC until the upgrade is complete.
# Audit query (not a Kyverno policy): list Fission Environments whose runtime or builder podSpec sets hostPID or hostNetwork
kubectl get environments.fission.io -A -o json | \
jq '.items[] | select(.spec.runtime.podSpec.hostPID==true or .spec.runtime.podSpec.hostNetwork==true or .spec.builder.podSpec.hostPID==true or .spec.builder.podSpec.hostNetwork==true) | {ns: .metadata.namespace, name: .metadata.name}'


