CVSS 10.0 · CRITICAL

CVE-2026-45132

CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow (generate-schema.yaml) exposes sensitive credentials (Personal Access Token and SSH signing key) to fork-controlled code due to unsafe checkout and credential handling practices. This issue has been patched via commit fcf9302.

Analysis

This maximum-severity vulnerability in the CloudPirates Helm charts allows sensitive credentials, such as personal access tokens and SSH keys, to leak through GitHub Actions. An attacker could compromise the CI/CD infrastructure by running malicious code from a fork to extract deployment secrets in Kubernetes environments. It is essential to update to the fixed version to protect the secrets and the integrity of the pipeline.

Relevant roles

Kubernetes, Cloud, CyberSecurity, Docker, Backend

Severity

Score: 10.0 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
AV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: CHANGED
C: HIGH
I: HIGH
A: NONE
Weakness (CWE): CWE-94

EPSS

No EPSS score yet (CVE may be too fresh).

Technical description

CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow (generate-schema.yaml) exposes sensitive credentials (Personal Access Token and SSH signing key) to fork-controlled code due to unsafe checkout and credential handling practices. This issue has been patched via commit fcf9302.

Published: 6/1/2026, 5:17:08 PM
Last modified: 6/1/2026, 6:14:29 PM
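
An added example, not taken from the CloudPirates repository or the fix commit: a small Python audit for the class of issue described above, where a workflow checks out fork-controlled code while credentials are in scope. The two sample workflows, the secret names, and the assumption that the trigger is `pull_request_target` are constructed for illustration; this page does not show the contents of generate-schema.yaml.

```python
import re

# Constructed sample, NOT the real generate-schema.yaml: privileged trigger,
# checkout of the fork's head commit, secrets (hypothetical names) in scope.
RISKY = """\
on: pull_request_target
jobs:
  schema:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
          token: ${{ secrets.EXAMPLE_PAT }}
      - run: ./generate.sh
        env:
          SIGNING_KEY: ${{ secrets.EXAMPLE_SIGNING_KEY }}
"""

# Constructed hardened form: unprivileged trigger, read-only token, no secrets.
SAFER = """\
on: pull_request
permissions:
  contents: read
jobs:
  schema:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - run: ./generate.sh
"""

FORK_REF = re.compile(r"github\.event\.pull_request\.head\.(?:sha|ref)|github\.head_ref")
SECRET = re.compile(r"\$\{\{\s*secrets\.([A-Za-z0-9_]+)")

def audit(workflow_text):
    """Text heuristic: flag fork code checked out where credentials are reachable."""
    findings = []
    if re.search(r"\bpull_request_target\b", workflow_text) and FORK_REF.search(workflow_text):
        findings.append("fork-checkout-in-privileged-trigger")
        names = sorted(set(SECRET.findall(workflow_text)))
        if names:
            findings.append("secrets-in-scope:" + ",".join(names))
        # actions/checkout persists its token for later git commands by default.
        if not re.search(r"persist-credentials:\s*false", workflow_text):
            findings.append("checkout-persists-credentials")
    return findings
```

Because this is a text heuristic rather than a YAML parse, treat a hit as a prompt to review the workflow by hand, not as proof of exposure.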
