CRITICAL: CVE-2026-22872 (CVSS 9.1) — projectcapsule capsule
CVE: CVE-2026-22872
CVSS: 9.1 (3.1) — CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL
Status: Critical advisory
Affected
- projectcapsule capsule
Summary
Capsule is a multi-tenancy and policy-based framework for Kubernetes. The Capsule Controller runs with cluster-admin privileges. Although the TenantResource RawItems processing logic forcibly sets the namespace, this is ineffective for cluster-scoped resources. Prior to version 0.13.0, tenant administrators can leverage the Controller's elevated privileges to create cluster-scoped resources (such as ClusterRole and ValidatingWebhookConfiguration) that they cannot create directly, achieving cross-tenant privilege escalation and cluster-level attacks. The attack vector has a few limiting factors. This attack requires Tenant Owner privileges and requires Capsule Controller running with cluster-admin privileges (default configuration). Additionally, some clusters may have additional admission controllers blocking malicious resources. Version 0.13.0 patches this issue.
Verified Sources
References
- https://github.com/projectcapsule/capsule/releases/tag/v0.13.0
- https://github.com/projectcapsule/capsule/security/advisories/GHSA-qjjm-7j9w-pw72
- https://github.com/projectcapsule/capsule/security/advisories/GHSA-qjjm-7j9w-pw72
_Validated by the Lyrie Threat Intelligence Pipeline — 3 independent sources confirmed before publication. No speculation._
Lyrie Verdict
A vulnerability of this severity is exactly what Lyrie's anti-rogue-AI defense is built for: continuous, autonomous monitoring that doesn't wait for human reaction time.
Validated sources
- [1]NVD
- [2]GitHub Advisory
- [3]MITRE