A vulnerability, which was classified as problematic , has been found in Fission up to 1.24.x . The impacted element is the function HTTPTriggerSpec.Validate of the component Direct Kubernetes REST API . Performing a manipulation results in permissive cross-domain policy with untrusted domains. This vulnerability is known as CVE-2026-50569 . Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.