CVE-2026-1530

HIGH

Rubygems Fog-kubevirt < 1.5.1 - Improper Certificate Validation

Title source: rule

Description

A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise.

References (2)

[Vendor Advisory] https://access.redhat.com/security/cve/CVE-2026-1530

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=2433784

Scores

CVSS v3 8.1

EPSS 0.0001

EPSS Percentile 1.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Classification

CWE

CWE-295

Status draft

Affected Products (1)

rubygems/fog-kubevirt < 1.5.1RubyGems

Timeline

Published Feb 02, 2026

Tracked Since Feb 18, 2026