Cyber Resilience

CVE-2026-5483

Severity: High (updated)
Published: 10 April 2026
Modified: 30 June 2026
KEV Added: not listed
Patch: available
CVSS Score (v3.1): 8.5 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.0048 (37.9th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-5483 is a high-severity Insertion of Sensitive Information Into Sent Data (CWE-201) vulnerability in Red Hat OpenShift AI. Its CVSS v3.1 base score is 8.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 37.9th percentile by EPSS exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

This vulnerability is classified as AI-related: it falls in the Enterprise AI Assistants category and the Privacy and Disclosure risk domain.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AU-13 (Monitoring for Information Disclosure).

Deeper analysis

CVE-2026-5483, published on 2026-04-10, is a vulnerability in the odh-dashboard component of Red Hat OpenShift AI (RHOAI). The flaw enables the disclosure of Kubernetes Service Account tokens through a NodeJS endpoint, which could allow an attacker to gain unauthorized access to Kubernetes resources. It has been classified under CWE-201 (Insertion of Sensitive Information Into Sent Data) with a CVSS v3.1 base score of 8.5 (AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).

An attacker with low privileges (PR:L) can exploit this vulnerability over the network (AV:N) without any user interaction (UI:N), although the attack complexity is rated high (AC:H). Successful exploitation changes scope (S:C) and results in high impacts to confidentiality, integrity, and availability (C:H/I:H/A:H), because the disclosed service account tokens can be used to access Kubernetes resources without authorization.

Red Hat has released patches addressing this issue in security advisories RHSA-2026:7397, RHSA-2026:7398, RHSA-2026:7403, and RHSA-2026:7404, with additional details available on the CVE page at https://access.redhat.com/security/cve/CVE-2026-5483. Security practitioners should review these errata for mitigation and update instructions.

Vulnerability details

A flaw was found in odh-dashboard in Red Hat OpenShift AI. This vulnerability in the `odh-dashboard` component of Red Hat OpenShift AI (RHOAI) allows for the disclosure of Kubernetes Service Account tokens through a NodeJS endpoint. This could enable an attacker to gain unauthorized access to Kubernetes resources.

CWE(s): CWE-201 (Insertion of Sensitive Information Into Sent Data)

AI Security Analysis

AI Category: Enterprise AI Assistants
Risk Domain: Privacy and Disclosure
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: ai

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1528 Steal Application Access Token (Credential Access): Adversaries can steal application access tokens as a means of acquiring credentials to access remote systems and resources.
Why these techniques?

The vulnerability enables disclosure of Kubernetes Service Account tokens via a NodeJS endpoint in a network-accessible dashboard component. This directly facilitates T1528 (Steal Application Access Token), since the disclosed tokens grant unauthorized resource access, and maps to T1190 (Exploit Public-Facing Application) given the network attack vector (AV:N) and the low-privilege requirement (PR:L).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-12805 (same product: Red Hat OpenShift AI)
CVE-2026-3872 (same vendor: Red Hat)
CVE-2026-28368 (same vendor: Red Hat)
CVE-2026-4525 (shared CWE-201)
CVE-2026-28369 (same vendor: Red Hat)
CVE-2026-28367 (same vendor: Red Hat)
CVE-2025-12543 (same vendor: Red Hat)
CVE-2026-32590 (same vendor: Red Hat)
CVE-2026-7507 (same vendor: Red Hat)
CVE-2026-7504 (same vendor: Red Hat)

Affected Assets

Vendor: Red Hat
Product: OpenShift AI
Affected versions: 3.2, 3.3; 2.16 through 2.16.4; 2.25 through 2.25.4

Mitigating Controls (NIST 800-53 r5)

Prevent: SI-2 (Flaw Remediation) requires timely remediation of flaws through patching; applying the Red Hat security advisories (RHSA-2026:7397 and the related errata) removes the token-disclosure flaw in odh-dashboard.

Prevent: AC-3 (Access Enforcement) enforces approved authorizations on the NodeJS endpoint, so that low-privileged users cannot reach it and retrieve Kubernetes service account tokens.

Detect: AU-13 (Monitoring for Information Disclosure) monitors for information disclosure, enabling detection of unauthorized exposure of service account tokens via the vulnerable endpoint.
