Kyverno policy engine contains a critical vulnerability in its ConfigMap context loader that allows namespace administrators to read ConfigMaps from any namespace. This vulnerability bypasses RBAC controls in multi-tenant Kubernetes clusters by exploiting the lack of validation in the configMap.namespace field. The issue is similar to a previously patched vulnerability CVE-2026-22039 but affects a different component. Attackers can leverage Kyverno's privileged service account to access unauthorized ConfigMaps across namespaces. A fix is available in version 1.17.2.