Home > Vulnerability Database > CVE-2026-1530

Mend.io Vulnerability Database

CVE-2026-1530

Good to know:

Date: February 2, 2026

A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise.

Severity Score

8.1

Related Resources (11)

Url: https://github.com/fog/fog-kubevirt/commit/8371e9ded99f9ec3e74caf2f283836109763e450

Url: https://github.com/fog/fog-kubevirt/releases/tag/v1.5.1

Url: https://github.com/fog/fog-kubevirt/pull/168

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2433784

Url: https://github.com/fog/fog-kubevirt/commit/9603d79a239a0f68bedfc679cd1b65fbf6ec4753

Url: https://access.redhat.com/security/cve/CVE-2026-1530

Url: https://github.com/fog/fog-kubevirt

Url: https://github.com/fog/fog-kubevirt/blob/8adb03e07972d6e19a7713ecf2a827aa2cfe4b9e/CHANGELOG.md?plain=1#L11

Url: https://nvd.nist.gov/vuln/detail/CVE-2026-1530

Url: https://github.com/rubysec/ruby-advisory-db/blob/master/gems/fog-kubevirt/CVE-2026-1530.yml

Url: https://www.mend.io/vulnerability-database/CVE-2026-1530

Severity Score

8.1

Weakness Type (CWE)

Improper Certificate Validation

CWE-295

Top Fix

Upgrade Version

Upgrade to version fog-kubevirt - 1.5.1;fog-kubevirt - 1.5.1;https://github.com/fog/fog-kubevirt.git - 1.5.1

Learn More

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2026-1530

Good to know:

Date: February 2, 2026

Severity Score

Related Resources (11)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?