CVE-2026-29955 | KubePlus 4.14 kubeconfiggenerator /registercrd subprocess.Popen chartName command injection

A vulnerability was found in KubePlus 4.14. It has been classified as critical. This impacts the function subprocess.Popen of the file /registercrd of the component kubeconfiggenerator. Performing a manipulation of the argument chartName results in command injection.

This vulnerability is identified as CVE-2026-29955. The attack can only be performed from the local network. There is not any exploit available.VulDB Recent EntriesRead More