VYPR
High severity8.1NVD Advisory· Published Feb 2, 2026· Updated Apr 15, 2026

CVE-2026-1531

CVE-2026-1531

Description

A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
foreman_kubevirtRubyGems
< 0.4.30.4.3

Affected products

1

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.