CVE-2026-49824 | Fission up to 1.23.x pkg/webhook/function.go secrets[] access control (GHSA-cvw6-gfvv-953q)

A vulnerability was found in Fission up to 1.23.x. It has been classified as critical. This affects an unknown function of the file pkg/webhook/function.go. The manipulation of the argument secrets[] leads to improper access controls.

This vulnerability is referenced as CVE-2026-49824. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More