Back to CVE List

CVE-2026-9165

HIGH SEVERITY

CVSS Score & Metrics

Base Score
7.7 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Vulnerability Description

A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central, resulting in a denial of service for the management plane.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-400
Source
NVD

External References

Discussion (0)

Add Comment

No comments yet. Be the first!