Chaos-Mesh: >> Chaos Mesh >> 2.6.7 Security Vulnerabilities
The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides an API to kill arbitrary processes in any Kubernetes pod, leading to cluster-wide denial of service.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-09-15
The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster.
CVSS Score
9.8
EPSS Score
0.007
Published
2025-09-15
The killProcesses mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster.
CVSS Score
9.8
EPSS Score
0.005
Published
2025-09-15
The cleanIptables mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster.
CVSS Score
9.8
EPSS Score
0.005
Published
2025-09-15