Auth bypass in Akuity Kargo
CVE-2026-27111
Kargo manages and automates the promotion of software artifacts. From v1.9.0 to v1.9.2, Kargo's authorization model includes a promote verb -- a non-standard Kubernetes "dolphin verb" -- that gates the ability to advance Freight through a…
Vulnerability class: Broken Access Control
EPSS: 0.000 (10.4th percentile)
Affected products
- Akuity Kargo — versions >= 1.9.0, < 1.9.3
References
- Vendor advisory: https://github.com/akuity/kargo/security/advisories/GHSA-5vvm-67pj-72g4
- Fix commit: https://github.com/akuity/kargo/commit/833314cad5513d48d89431493325ae44c1324a49