Vulnerability in Red Hat OpenShift AI's ODH Dashboard Exposes Service Account Tokens
CVE-2026-5483

8.5HIGH

Key Information:

Vendor: Red Hat
Status: Red Hat Openshift Ai 2.16; Red Hat Openshift Ai 3.3; Red Hat Openshift Ai (rhoai)
Vendor: CVE Published:; 10 April 2026

🔔 Create Red Hat Vulnerability Alert

What is CVE-2026-5483?

A flaw exists within the ODH Dashboard component of Red Hat OpenShift AI that could lead to the unintended exposure of Kubernetes Service Account tokens via an insecure NodeJS endpoint. This vulnerability allows unauthorized individuals to potentially access sensitive Kubernetes resources, increasing the risk of security breaches and data leaks.

Affected Version(s)

Red Hat OpenShift AI 2.16 sha256:0a983da3de4ce816435e23da23c4b6f373008aaf2df2b9820bdcc77a9a110341

Red Hat OpenShift AI 3.3 sha256:14ee2bbd445b8a988c487d4b4a7b02ff9afe1c07034b4bba073a5a8263e3293e

References

https://access.redhat.com/errata/RHSA-2026:7397

vendor-advisoryx_refsource_REDHAT

https://access.redhat.com/errata/RHSA-2026:7403

vendor-advisoryx_refsource_REDHAT

https://access.redhat.com/security/cve/CVE-2026-5483

vdb-entryx_refsource_REDHAT

CVSS V3.1

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 10, 2026
Vulnerability Reserved
Apr 3, 2026

CVE-2026-5483 Data

.