CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-40895

highcovered by 2 sourcesfirst seen 2026-07-02
A remote anonymous attacker can exploit multiple vulnerabilities in Kiali for Red Hat OpenShift Service Mesh to gain elevated privileges, bypass security measures, manipulate or disclose data, or cause a denial-of-service condition.

CSIRTS triage

What
A remote anonymous attacker can exploit multiple vulnerabilities in Kiali for Red Hat OpenShift Service Mesh to gain elevated privileges, bypass security measures, manipulate or disclose data, or cause a denial-of-service condition.
Who is affected
Deployments of Kiali for Red Hat OpenShift Service Mesh.
Urgency
Remediation is high urgency due to the potential for remote exploitation and privilege escalation.
Action
Update to the latest version of Kiali.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-40895

Get an email if CVE-2026-40895 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (2)

External references

NVD record for CVE-2026-40895

CVE.org record

Embed the live status

CVE-2026-40895 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-40895 status](https://www.csirts.com/badge/CVE-2026-40895)](https://www.csirts.com/cve/CVE-2026-40895)