[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-4789":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":28,"downstream":29,"duplicates":32,"related":33,"reserved_at":9,"published_at":39,"modified_at":40,"state":41,"summary":42,"references_raw":51,"kevs":88,"epss":89,"epss_history":92,"metrics":294,"affected":307},"CVE-2026-4789","Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-918","Server-Side Request Forgery (SSRF)","The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.","weakness","Incomplete","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-664","Server Side Request Forgery",[],[],[25,26,27],"GHSA-qqrv-2hch-83q4","BIT-kyverno-2026-4789","GHSA-rggm-jjmc-3394",[],[30],{"_key":31},"OPENSUSE-SU-2026:10613-1",[],[34,35,37],{"_key":31},{"_key":36},"CGA-JGW4-WM8Q-JPJ5",{"_key":38},"CGA-P8C4-F73W-RMVJ","2026-03-30T20:44:00.607Z","2026-04-01T18:43:50.952Z","Analyzed",{"cisa_kev":43,"cisa_ransomware":43,"cisa_vendor":9,"epss_severity":44,"epss_score":45,"severity":46,"severity_score":47,"severity_version":48,"severity_source":49,"severity_vector":50,"severity_status":41},false,"low",0.00022,"critical",9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[52,60,66,71,75,80,84],{"url":53,"sources":54,"tags":57},"https://github.com/kyverno/kyverno",[49,55,56],"nvd","osv_go",[58,59],"PACKAGE","Product",{"url":61,"sources":62,"tags":63},"https://kb.cert.org/vuls/id/655822",[49,55,56],[64,65],"WEB","Third Party Advisory",{"url":67,"sources":68,"tags":69},"https://portswigger.net/web-security/ssrf",[49,55,56],[64,70],"Technical Description",{"url":72,"sources":73,"tags":74},"https://www.kb.cert.org/vuls/id/655822",[49,55,56],[64,65],{"url":76,"sources":77,"tags":78},"https://nvd.nist.gov/vuln/detail/CVE-2026-4789",[56],[79],"Advisory",{"url":81,"sources":82,"tags":83},"https://github.com/kyverno/kyverno/pull/15729",[56],[64],{"url":85,"sources":86,"tags":87},"https://github.com/kyverno/kyverno/security/advisories/GHSA-rggm-jjmc-3394",[56],[64],[],{"date":90,"score":45,"percentile":91},"2026-06-05",0.06315,[93,97,100,104,107,110,114,117,120,123,126,129,132,135,138,141,144,147,150,153,156,159,162,165,168,171,174,177,180,183,186,189,192,195,198,201,204,207,210,213,216,219,222,225,228,230,233,236,239,242,245,248,251,254,257,260,263,266,269,272,275,278,281,284,287,290,293],{"date":94,"score":95,"percentile":96},"2026-03-31",0.00005,0.00266,{"date":98,"score":95,"percentile":99},"2026-04-01",0.00264,{"date":101,"score":102,"percentile":103},"2026-04-02",0.00015,0.03154,{"date":105,"score":102,"percentile":106},"2026-04-03",0.03166,{"date":108,"score":102,"percentile":109},"2026-04-04",0.03165,{"date":111,"score":112,"percentile":113},"2026-04-05",0.0002,0.053,{"date":115,"score":112,"percentile":116},"2026-04-06",0.05306,{"date":118,"score":112,"percentile":119},"2026-04-07",0.05327,{"date":121,"score":112,"percentile":122},"2026-04-08",0.05361,{"date":124,"score":112,"percentile":125},"2026-04-09",0.05384,{"date":127,"score":112,"percentile":128},"2026-04-10",0.05371,{"date":130,"score":112,"percentile":131},"2026-04-11",0.05353,{"date":133,"score":112,"percentile":134},"2026-04-12",0.05341,{"date":136,"score":112,"percentile":137},"2026-04-13",0.0533,{"date":139,"score":112,"percentile":140},"2026-04-14",0.05264,{"date":142,"score":112,"percentile":143},"2026-04-15",0.05262,{"date":145,"score":112,"percentile":146},"2026-04-16",0.05278,{"date":148,"score":112,"percentile":149},"2026-04-17",0.05286,{"date":151,"score":112,"percentile":152},"2026-04-18",0.0528,{"date":154,"score":112,"percentile":155},"2026-04-19",0.0527,{"date":157,"score":112,"percentile":158},"2026-04-20",0.05265,{"date":160,"score":112,"percentile":161},"2026-04-21",0.05431,{"date":163,"score":112,"percentile":164},"2026-04-22",0.05447,{"date":166,"score":112,"percentile":167},"2026-04-23",0.05474,{"date":169,"score":112,"percentile":170},"2026-04-24",0.05471,{"date":172,"score":112,"percentile":173},"2026-04-25",0.05514,{"date":175,"score":112,"percentile":176},"2026-04-26",0.05512,{"date":178,"score":112,"percentile":179},"2026-04-27",0.05502,{"date":181,"score":112,"percentile":182},"2026-04-28",0.05497,{"date":184,"score":112,"percentile":185},"2026-04-29",0.05513,{"date":187,"score":112,"percentile":188},"2026-04-30",0.05522,{"date":190,"score":45,"percentile":191},"2026-05-01",0.06011,{"date":193,"score":45,"percentile":194},"2026-05-02",0.06039,{"date":196,"score":45,"percentile":197},"2026-05-03",0.06038,{"date":199,"score":45,"percentile":200},"2026-05-04",0.06024,{"date":202,"score":45,"percentile":203},"2026-05-05",0.06028,{"date":205,"score":45,"percentile":206},"2026-05-06",0.0605,{"date":208,"score":45,"percentile":209},"2026-05-07",0.06124,{"date":211,"score":45,"percentile":212},"2026-05-08",0.06149,{"date":214,"score":45,"percentile":215},"2026-05-09",0.06192,{"date":217,"score":45,"percentile":218},"2026-05-10",0.06211,{"date":220,"score":45,"percentile":221},"2026-05-11",0.06207,{"date":223,"score":45,"percentile":224},"2026-05-12",0.06208,{"date":226,"score":45,"percentile":227},"2026-05-13",0.06216,{"date":229,"score":45,"percentile":227},"2026-05-14",{"date":231,"score":45,"percentile":232},"2026-05-15",0.06218,{"date":234,"score":45,"percentile":235},"2026-05-16",0.06233,{"date":237,"score":45,"percentile":238},"2026-05-17",0.06225,{"date":240,"score":45,"percentile":241},"2026-05-18",0.06189,{"date":243,"score":45,"percentile":244},"2026-05-19",0.06167,{"date":246,"score":45,"percentile":247},"2026-05-20",0.06132,{"date":249,"score":45,"percentile":250},"2026-05-21",0.06131,{"date":252,"score":45,"percentile":253},"2026-05-22",0.0636,{"date":255,"score":45,"percentile":256},"2026-05-23",0.06356,{"date":258,"score":45,"percentile":259},"2026-05-24",0.06355,{"date":261,"score":45,"percentile":262},"2026-05-25",0.06335,{"date":264,"score":45,"percentile":265},"2026-05-26",0.06314,{"date":267,"score":45,"percentile":268},"2026-05-27",0.0635,{"date":270,"score":45,"percentile":271},"2026-05-28",0.06439,{"date":273,"score":45,"percentile":274},"2026-05-29",0.06456,{"date":276,"score":45,"percentile":277},"2026-05-30",0.06446,{"date":279,"score":45,"percentile":280},"2026-05-31",0.06432,{"date":282,"score":45,"percentile":283},"2026-06-01",0.06396,{"date":285,"score":45,"percentile":286},"2026-06-02",0.06319,{"date":288,"score":45,"percentile":289},"2026-06-03",0.06276,{"date":291,"score":45,"percentile":292},"2026-06-04",0.06287,{"date":90,"score":45,"percentile":91},[295,299,301],{"source":49,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":296,"cvss_v4_0":9},{"baseScore":47,"baseSeverity":297,"vectorString":50,"impactScore":47,"exploitabilityScore":298},"CRITICAL",10,{"source":55,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":300,"cvss_v4_0":9},{"baseScore":47,"baseSeverity":297,"vectorString":50,"impactScore":47,"exploitabilityScore":298},{"source":56,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":302,"cvss_v4_0":9},{"baseScore":303,"baseSeverity":9,"vectorString":304,"impactScore":305,"exploitabilityScore":306},8.5,"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",7.8,7.9,[308,326],{"ecosystem":309,"name":310,"vendor":311,"product":312,"cpe_part":9,"purl_type":313,"purl_namespace":311,"purl_name":312,"source":9,"versions":314},"Go","github.com/kyverno/kyverno","github.com/kyverno","kyverno","golang",[315,322],{"version":316,"is_range":317,"range_type":318,"version_start":319,"version_start_type":320,"version_end":321,"version_end_type":320,"fixed_in":9},"gte1_16_0_lte1_17_1",true,"semver","1.16.0","including","1.17.1",{"version":323,"is_range":317,"range_type":318,"version_start":319,"version_start_type":320,"version_end":324,"version_end_type":325,"fixed_in":9},"gte1_16_0_lt1_17_0","1.17.0","excluding",{"ecosystem":9,"name":312,"vendor":312,"product":312,"cpe_part":327,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":328},"a",[329,330],{"version":319,"is_range":43,"range_type":49,"version_start":319,"version_start_type":320,"version_end":319,"version_end_type":320,"fixed_in":9},{"version":331,"is_range":317,"range_type":332,"version_start":319,"version_start_type":320,"version_end":321,"version_end_type":320,"fixed_in":9},"gte1.16.0_lte1.17.1","cpe"]