VYPR

Yoke

by Yokecd

Source repositories

CVEs (2)

  • CVE-2026-26056HigFeb 12, 2026
    risk 0.50cvss 8.8epss 0.00

    Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer. In 0.19.0 and earlier, a vulnerability exists in the Air Traffic Controller (ATC) component of Yoke. It allows users with CR create/update permissions to execute arbitrary WASM code in the ATC controller…

  • CVE-2026-26055HigFeb 12, 2026
    risk 0.49cvss 7.5epss 0.00

    Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer. In 0.19.0 and earlier, a vulnerability exists in the Air Traffic Controller (ATC) component of Yoke. The ATC webhook endpoints lack proper authentication mechanisms, allowing any pod within the cluster…