Security researchers have disclosed a critical vulnerability in Kubernetes Capsule v0.10.3 and earlier versions that allows authenticated tenant users to inject arbitrary labels into system namespaces, fundamentally breaking multi-tenant isolation. The vulnerability, tracked as CVE-2025-55205 with a CVSS score of 9.9, enables attackers to bypass security boundaries and access cross-tenant resources, potentially leading to cluster-wide compromise. Vulnerability […] The post Kubernetes Capsule Vulnerability Enables Attackers to Inject Arbitrary Labels appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/kubernetes-capsule-vulnerability/
