Zero Day MonitorZDM

← Back to list

7.6

CVE-2026-29954EXPLOITED

n/a · n/a

CVE-2026-29954: In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing th

Description

In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field is only URL-encoded without validating the target address. More critically, when kubeconfiggenerator uses wget to download charts, the chartURL is directly concatenated into the command, allowing attackers to inject wget's `--header` option to achieve arbitrary HTTP header injection.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a

References

https://gist.github.com/b0b0haha/33baea60fd2a847f11f1fb02e43c64c0
https://github.com/b0b0haha/CVE-2026-29954/blob/main/README.md

Related News (1 articles)

Tier C

VulDB5h ago

CVE-2026-29954 | KubePlus 4.1.4 webhook/kubeconfiggenerator ResourceComposition chartURL injection

→ No new info (linked only)

CVSS 3.17.6 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N

CISA KEV❌ No

Actively exploited✅ Yes

PublishedMar 30, 2026

Last enriched4h agov2

Trending Score54

Source articles1

Independent1

Info Completeness6/14

Missing: cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-30562EXP

CVE-2026-30562: A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulner

MEDIUMCVE-2026-29909EXP

CVE-2026-29909: MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/f

CRITICALCVE-2026-29925EXP

CVE-2026-29925: Invoice Ninja v5.12.46 and v5.12.48 is vulnerable to Server-Side Request Forgery (SSRF) in CheckDatabaseRequest.php.

HIGHCVE-2026-29953EXP

CVE-2026-29953: SQL Injection vulnerability in SchemaHero 0.23.0 via the column parameter to the columnAsInsert function in file plugins

HIGHCVE-2026-33643EXP

CVE-2026-33643: SQL Injection vulnerability in SchemaHero 0.23.0 via the column parameter to the mysqlColumnAsInsert function in file pl

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Mar 30, 2026

Discovered by ZDM

Mar 30, 2026

Updated: severity, activelyExploited

Mar 30, 2026

Actively Exploited

Mar 30, 2026

Version History

v2

Last enriched 4h ago

v2Tier C4h ago

Updated severity to HIGH and marked the vulnerability as actively exploited.

severityactivelyExploited

via VulDB

v15h ago

Initial creation