CVE-2026-1530

HIGH

fog-kubevirt < 1.5.1 - Man-in-the-Middle via Disabled Certificate Validation

Title source: llm

Description

A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise.

References (4)

Core References
Vendor Advisory [vendor-advisory, x_refsource_redhat]: RHSA-2026:5970, https://access.redhat.com/errata/RHSA-2026:5970
Vendor Advisory [vendor-advisory, x_refsource_redhat]: RHSA-2026:5971, https://access.redhat.com/errata/RHSA-2026:5971
Vendor Advisory [vdb-entry, x_refsource_redhat]: https://access.redhat.com/security/cve/CVE-2026-1530
Issue Tracking [issue-tracking, x_refsource_redhat]: https://bugzilla.redhat.com/show_bug.cgi?id=2433784

Scores

CVSS v3: 8.1
EPSS: 0.0025
EPSS Percentile: 16.4%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total

Details

CWE: CWE-295
Status: published
Products (16)
Red Hat/Red Hat Satellite 6
Red Hat/Red Hat Satellite 6.16 for RHEL 8 0:1.5.1-1.el8sat
Red Hat/Red Hat Satellite 6.16 for RHEL 9 0:1.5.1-1.el9sat
Red Hat/Red Hat Satellite 6.17 for RHEL 9 0:0.0.3-4.el9sat
Red Hat/Red Hat Satellite 6.17 for RHEL 9 0:0.1.23-0.3.el9pc
Red Hat/Red Hat Satellite 6.17 for RHEL 9 0:0.13.0-1.el9sat
Red Hat/Red Hat Satellite 6.17 for RHEL 9 0:0.4.3-1.el9sat
Red Hat/Red Hat Satellite 6.17 for RHEL 9 0:1.2.0-0.1.el9pc
Red Hat/Red Hat Satellite 6.17 for RHEL 9 0:1.5.1-1.el9sat
Red Hat/Red Hat Satellite 6.17 for RHEL 9 0:2.22.3-1.el9pc
... and 6 more
Published: Feb 02, 2026
Tracked Since: Feb 18, 2026