Vulnerability in Defenseunicorns Pepr

CVE-2026-23634

Pepr is a type safe K8s middleware. Prior to 1.0.5 , Pepr defaults to a cluster-admin RBAC configuration and does not explicitly force or enforce least-privilege guidance for module authors. The default behavior exists to make the “getting…

EPSS: 0.002 (13.3th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References