CVE-2026-58165: Privilege Escalation in OpenZiti
CVE-2026-58165 is a privilege escalation vulnerability in OpenZiti, a zero-trust overlay network. The vulnerability allows authenticated non-admin identities with fine-grained enrollment management permissions to create enrollments for any identity, including the default administrator. This can lead to full administrative control of the controller and the zero-trust overlay it manages.