High severity8.1NVD Advisory· Published Feb 2, 2026· Updated Apr 15, 2026
CVE-2026-1530
CVE-2026-1530
Description
A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
fog-kubevirtRubyGems | < 1.5.1 | 1.5.1 |
Affected products
1Patches
Vulnerability mechanics
References
12- github.com/advisories/GHSA-m3hq-3qj8-c5fmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2026-1530ghsaADVISORY
- access.redhat.com/errata/RHSA-2026:5970nvdWEB
- access.redhat.com/errata/RHSA-2026:5971nvdWEB
- access.redhat.com/security/cve/CVE-2026-1530nvdWEB
- bugzilla.redhat.com/show_bug.cginvdWEB
- github.com/fog/fog-kubevirt/blob/8adb03e07972d6e19a7713ecf2a827aa2cfe4b9e/CHANGELOG.mdghsaWEB
- github.com/fog/fog-kubevirt/commit/8371e9ded99f9ec3e74caf2f283836109763e450ghsaWEB
- github.com/fog/fog-kubevirt/commit/9603d79a239a0f68bedfc679cd1b65fbf6ec4753ghsaWEB
- github.com/fog/fog-kubevirt/pull/168ghsaWEB
- github.com/fog/fog-kubevirt/releases/tag/v1.5.1ghsaWEB
- github.com/rubysec/ruby-advisory-db/blob/master/gems/fog-kubevirt/CVE-2026-1530.ymlghsaWEB
News mentions
0No linked articles in our index yet.