HomeCVE Intelligence › CVE-2026-44795
CVSS 8.5 HIGH Vulnerability

CVE-2026-44795: Spinnaker has uon-safe yaml deserialization, allowing RCE when using specific types

Impact There's an unsafe YAML processing vulnerability that bypasses safe deserialization. This impacts users when when performing: CloudFormation deployments CloudFoundry Baking The usage of a non-safe constructor use…

8.5CVSS Score
HIGHSeverity
NOCISA KEV
VulnerabilityImpact Type

📋 Vulnerability Details

CVE IDCVE-2026-44795
Vendormaven
Affected Productio.spinnaker.rosco:rosco-core
Vulnerability TypeVulnerability
CVSS Score8.5 (HIGH)
Actively Exploited❌ No known exploitation
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

#

Impact

• CloudFormation deployments
• CloudFoundry Baking The usage of a non-safe constructor use allows arbitrary loading of Java classes leading to RCE.

There's an unsafe YAML processing vulnerability that bypasses safe deserialization. This impacts users when when performing:

Patches 2025.3.3, 2026.0.3 and 2025.4.4.

Workarounds

Disable the CloudFormation system and cloudfoundry baking operations.

Resources

Join Spinnaker on Slack for more information!

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2026-44795 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence