A vulnerability was found in Fission up to 1.23.x . It has been classified as critical . This affects an unknown function of the file pkg/webhook/function.go . The manipulation of the argument secrets[] leads to improper access controls. This vulnerability is referenced as CVE-2026-49824 . Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.