Agents
CVE-2026-5483: Red Hat OpenShift AI Dashboard Leaks Kubernetes Service Account Tokens (CVSS 8.5)
A high-severity vulnerability (CVSS 8.5) in Red Hat OpenShift AI's odh-dashboard component, published April 10, allows disclosure of Kubernetes Service Account tokens via a NodeJS endpoint. Exploitation enables unauthorized access to Kubernetes resources in AI/ML platform deployments. Affected packages include rhoai/odh-dashboard-rhel8 and rhel9 container images. This is significant because OpenShift AI is Red Hat's enterprise ML platform — a token disclosure at this level could compromise entire AI training and inference infrastructure.
Source
↳ Follow the thread