CVE-2026-5483
Published: 10 April 2026
Summary
CVE-2026-5483 is a high-severity Insertion of Sensitive Information Into Sent Data (CWE-201) vulnerability in Red Hat OpenShift AI. Its CVSS base score is 8.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It is ranked at the 18.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as Other AI Platforms.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AU-13 (Monitoring for Information Disclosure).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) [AI]
SI-2 requires timely flaw remediation through patching, directly addressing the specific vulnerability in odh-dashboard by applying Red Hat security advisories RHSA-2026:7397 et al. to prevent token disclosure.
AC-3 enforces approved authorizations on the NodeJS endpoint, preventing low-privileged attackers from accessing and disclosing Kubernetes service account tokens.
AU-13 monitors for information disclosure, enabling detection of unauthorized exposure of service account tokens via the vulnerable endpoint.
MITRE ATT&CK Enterprise Techniques [AI]
Why these techniques?
The vulnerability enables disclosure of Kubernetes Service Account tokens via a NodeJS endpoint in a network-accessible dashboard component. This directly facilitates T1528 (Steal Application Access Token), since the disclosed tokens grant unauthorized resource access, and maps to T1190 (Exploit Public-Facing Application) given the network attack vector (AV:N) and low-privilege (PR:L) exploitation.
NVD Description
A flaw was found in odh-dashboard in Red Hat Openshift AI. This vulnerability in the `odh-dashboard` component of Red Hat OpenShift AI (RHOAI) allows for the disclosure of Kubernetes Service Account tokens through a NodeJS endpoint. This could enable an attacker to gain unauthorized access to Kubernetes resources.
Deeper analysis [AI]
CVE-2026-5483, published on 2026-04-10, is a vulnerability in the odh-dashboard component of Red Hat OpenShift AI (RHOAI). The flaw enables the disclosure of Kubernetes Service Account tokens through a NodeJS endpoint, which could allow an attacker to gain unauthorized access to Kubernetes resources. It has been classified under CWE-201 (Insertion of Sensitive Information Into Sent Data) with a CVSS v3.1 base score of 8.5 (AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).
An attacker with low privileges (PR:L) can exploit this vulnerability over the network (AV:N) without user interaction (UI:N), though the attack complexity is high (AC:H). Successful exploitation changes scope (S:C) and has high impact on confidentiality, integrity, and availability (C:H/I:H/A:H), because the disclosed service account tokens can be used to access Kubernetes resources without authorization.
Red Hat has released patches addressing this issue in security advisories RHSA-2026:7397, RHSA-2026:7398, RHSA-2026:7403, and RHSA-2026:7404, with additional details available on the CVE page at https://access.redhat.com/security/cve/CVE-2026-5483. Security practitioners should review these errata for mitigation and update instructions.
AI Security Analysis [AI]
- AI Category: Other AI Platforms
- Risk Domain: N/A
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Matched keywords: ai, ai