Red Hat OpenShift Pipelines was the subject of multiple security advisories, including one affecting the Fulcio component used by the OpenShift Pipelines Operator. One disclosed flaw was reported to allow denial of service, raising the risk of service disruption in environments that rely on the operator’s signing and pipeline-related functionality.
A later advisory reported multiple vulnerabilities in Red Hat OpenShift Pipelines, indicating broader security exposure beyond the previously disclosed Fulcio issue. Organizations running OpenShift Pipelines should review the affected product versions, assess exposure across pipeline and operator deployments, and prioritize vendor-recommended updates or mitigations to reduce the risk of disruption or further compromise.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
2 events from the most recent confirmed update back to the earliest known activity.
dCERT published advisory 2026-1226 for Red Hat OpenShift Pipelines describing multiple vulnerabilities affecting the product.
dCERT published advisory 2026-0198 covering a vulnerability in the Red Hat OpenShift Pipelines Operator component Fulcio that could allow denial of service.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
2 references tracked. Mallory keeps watching after this page renders.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.