CNNVD-202601-2761 Information

CNNVD ID

CNNVD-202601-2761

Related CVE

CVE-2026-23634

• CNNVD Published: 2026-01-16

Description (Chinese)

Pepr是Defense Unicorns开源的一个中间件。 Pepr 1.0.5之前版本存在安全漏洞，该漏洞源于默认使用集群管理员RBAC配置且未强制执行最小权限原则。

Description (English)

Pepr is an open-source medium for Defense Unicorns. There was a security loophole in the pre-Pepr 1.5 version, which resulted from the default use of the cluster manager’s RBAC configuration without enforcing the minimum authority principle.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Defense Unicorns

Published

2026-01-16

Last Modified

2026-02-24

References

https://github.com/defenseunicorns/pepr/releases/tag/v1.0.5 https://github.com/defenseunicorns/pepr/security/advisories/GHSA-w54x-r83c-x79q https://access.redhat.com/security/cve/cve-2026-23634

Patch

https://github.com/defenseunicorns/pepr/releases