How CVE-2026-50566 Works
Fission is a Kubernetes-native serverless framework. Prior to version 1.24.0, a critical vulnerability existed in the Environment Custom Resource Definition (CRD). Previous security advisories (GHSA-gx55-f84r-v3r7, GHSA-wmgg-3p4h-48x7, GHSA-v455-mv2v-5g92) had implemented validation and sanitization for the `PodSpec` fields within an Environment, such as `spec.runtime.podSpec` and `spec.builder.podSpec`.
However, the Environment CRD also exposes `spec.runtime.container` and `spec.builder.container`. These are standalone `Container` specifications that are merged into the runtime or builder pod. The security context of these standalone containers bypassed the existing security layers.
The vulnerability stems from two distinct gaps:
- Admission-layer gap: The `Environment.Validate()` function only calls `ValidatePodSpecSafety()` on the `Runtime.PodSpec` and `Builder.PodSpec`. This function takes a `PodSpec` as an argument and never inspects the standalone `Runtime.Container.SecurityContext` or `Builder.Container.SecurityContext`.
- Merge-layer gap: The `sanitizeContainerSecurityContext()` function was only invoked inside `MergePodSpec()`. The container field is merged via `MergeContainer()`, which did not perform any sanitization. If only `Runtime.Container` is set and `Runtime.PodSpec` is nil, `MergePodSpec` is never called, and the sanitizer never runs.
The affected merge sites are `poolmgr` (gp_deployment.go), `newdeploy` (newdeploy.go), and `buildermgr` (envwatcher.go).
As a result, a tenant with `environments.fission.io` create/update RBAC can create an Environment with a malicious `SecurityContext` in the standalone container. This allows the deployment of privileged containers, containers with `allowPrivilegeEscalation: true`, or containers with dangerous Linux capabilities like `SYS_ADMIN`, `NET_ADMIN`, and `SYS_PTRACE`.
These containers are scheduled under the executor’s high-privilege service account, enabling container-sandbox escape, host filesystem and network access, and potential node- and cluster-level compromise.
The fix was implemented in pull request 3406 and released in version 1.24.0. The primary defense is a new `ValidateContainerSafety` function in `pkg/apis/core/v1/podspec_safety.go` that applies the per-container `SecurityContext` denylist to standalone containers. As a defense-in-depth measure, `sanitizeContainerSecurityContext()` is now invoked inside `MergeContainer()` itself.
DailyCVE Form
Platform: Fission
Version: < 1.24.0
Vulnerability: SecurityContext Bypass
Severity: Critical (CVSS 9.9)
Date: 2026-06-10
Prediction: Patch expected 2026-05
What Undercode Say
Analytics on the CVE-2026-50566 vulnerability:
```bash
# Check Fission version
kubectl get deploy -n fission fission-controller -o jsonpath='{.spec.template.spec.containers[0].image}'

# List Environments to identify potentially vulnerable CRDs
kubectl get environments -A -o yaml | grep -A 5 "securityContext"

# Search for pods with privileged containers in Fission namespaces
kubectl get pods -n fission-function -o json | jq '.items[] | select(.spec.containers[]?.securityContext?.privileged == true)'
```
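An audit check for the standalone-container gap described above, as an added example that is not Fission's own code: it reads one Environment as JSON (for example from `kubectl get environment <name> -o json`) and reports dangerous `securityContext` settings on `spec.runtime.container` and `spec.builder.container`. The type names, the `AuditEnvironment` function and the capability denylist (the three capabilities this page names, plus `ALL`) are assumptions of this example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Minimal local types covering only the fields this check reads.
type secCtx struct {
	Privileged               bool
	AllowPrivilegeEscalation bool
	Capabilities             struct{ Add []string }
}
type part struct{ Container struct{ SecurityContext secCtx } }
type environment struct{ Spec struct{ Runtime, Builder part } }

// Assumed denylist: the capabilities the page names, plus ALL (added here).
var risky = map[string]bool{"SYS_ADMIN": true, "NET_ADMIN": true, "SYS_PTRACE": true, "ALL": true}

// AuditEnvironment reports dangerous settings on the standalone containers.
func AuditEnvironment(raw []byte) ([]string, error) {
	var env environment
	if err := json.Unmarshal(raw, &env); err != nil {
		return nil, err
	}
	var out []string
	check := func(path string, sc secCtx) {
		if sc.Privileged {
			out = append(out, path+": privileged")
		}
		if sc.AllowPrivilegeEscalation {
			out = append(out, path+": allowPrivilegeEscalation")
		}
		for _, c := range sc.Capabilities.Add {
			if n := strings.TrimPrefix(strings.ToUpper(c), "CAP_"); risky[n] {
				out = append(out, path+": capability "+n)
			}
		}
	}
	check("spec.runtime.container", env.Spec.Runtime.Container.SecurityContext)
	check("spec.builder.container", env.Spec.Builder.Container.SecurityContext)
	return out, nil
}

// Constructed sample: a privileged runtime container plus a builder container.
const sample = `{"spec":{"runtime":{"container":{"securityContext":{"privileged":true}}},
 "builder":{"container":{"securityContext":{"capabilities":{"add":["SYS_ADMIN","CHOWN"]}}}}}}`

func main() { fmt.Println(AuditEnvironment([]byte(sample))) }
```

An empty result means neither standalone container carries a flagged setting; it says nothing about `podSpec`, which the earlier advisories already cover.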
Exploit
A malicious tenant can exploit this vulnerability by creating an Environment with a standalone container that has a dangerous SecurityContext:
```yaml
apiVersion: fission.io/v1
kind: Environment
metadata:
  name: priv-escape-test
  namespace: default
spec:
  version: 3
  runtime:
    image: "ghcr.io/fission/python-env:latest"
    container:
      name: priv-escape-test
      securityContext:
        privileged: true
  poolsize: 1
```
The admission webhook accepts this Environment, and the resulting pool pod runs with `privileged: true`. Equivalent bypasses include setting `allowPrivilegeEscalation: true` or adding dangerous capabilities like `["SYS_ADMIN"]` or `["NET_ADMIN","SYS_PTRACE"]`. The same attack applies to `Builder.Container`.
Protection
- Upgrade: Upgrade Fission to version 1.24.0 or newer, which includes the fix.
- RBAC Restriction: Restrict `environments.fission.io` create/update RBAC to trusted administrators only.
- Policy Enforcement: Deploy a Kyverno or OPA Gatekeeper policy to reject dangerous `Container SecurityContext` on Environment CRDs.
- Pod Security Standards: Label the function and builder namespaces with `pod-security.kubernetes.io/enforce: restricted`.
- Runtime Security: Enforce restrictive runtime security policies, such as setting `allowPrivilegeEscalation` to false and limiting capabilities.
Impact
A tenant with `environments.fission.io` create/update RBAC can run privileged containers, containers with `allowPrivilegeEscalation`, or containers with dangerous capabilities in the Fission function or builder namespace. These containers are scheduled under the executor’s high-privilege service account, enabling:
- Container-sandbox escape
- Host filesystem and network access
- Potential node- and cluster-level compromise
The blast radius is identical to previous PodSpec injection vulnerabilities (GHSA-gx55-f84r-v3r7).
Sources:
Reported By: github.com

