CVE-2026-39429
Awaiting Analysis Awaiting Analysis - Queue

Unauthorized Access in kcp Cache Server via Unauthenticated Root Shard

Vulnerability report for CVE-2026-39429, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-04-08

Last updated on: 2026-04-15

Assigner: GitHub, Inc.

Description

kcp is a Kubernetes-like control plane for form-factors and use-cases beyond Kubernetes and container workloads. Prior to 0.30.3 and 0.29.3, the cache server is directly exposed by the root shard and has no authentication or authorization in place. This allows anyone who can access the root shard to read and write to the cache server. This vulnerability is fixed in 0.30.3 and 0.29.3.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-04-08
Last Modified
2026-04-15
Generated
2026-07-06
AI Q&A
2026-04-09
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
kcp kcp to 0.29.3 (exc)
kcp kcp From 0.30.0 (inc) to 0.30.3 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-302 The authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker.
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Impact Analysis

Because the cache server lacks authentication and authorization, an attacker with access to the root shard can read sensitive data stored in the cache and modify it. This can lead to unauthorized data exposure and potential data integrity issues, compromising the security of workloads managed by kcp.

Mitigation Strategies

To mitigate this vulnerability, upgrade kcp to version 0.30.3 or 0.29.3 or later, where the cache server is no longer directly exposed by the root shard without authentication or authorization.

Executive Summary

The vulnerability exists in kcp, a Kubernetes-like control plane. Prior to versions 0.30.3 and 0.29.3, the cache server is directly exposed by the root shard without any authentication or authorization mechanisms. This means that anyone who can access the root shard can read from and write to the cache server without restrictions.

Compliance Impact

This vulnerability allows unauthorized read and write access to the cache server due to lack of authentication and authorization. Such unauthorized access to potentially sensitive data could lead to violations of data protection regulations like GDPR and HIPAA, which require strict controls over access to personal and health information.

However, the provided information does not explicitly state the impact on compliance with these standards.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-39429. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart