4/21/2026 at 6:11:58 PM
CVE-2026-32604 and CVE-2026-32613 are both 10.0 severity vulnerabilities in the Spinnaker continuous delivery platform which allow attackers to execute arbitrary code and access credentials for production environments and source control.They're a natural path for moving from a compromised workstation to more sensitive areas.
The blog post contains a comprehensive technical breakdown and working POCs.
by NonStopOyster