CVE-2026-1531 – Foreman-kubevirt: foreman_kubevirt: man-in-the-middle due to insecure default ssl verification

CVE ID : CVE-2026-1531

Published : Feb. 2, 2026, 6:16 a.m. | 59 minutes ago

Description : A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…