CVE-2025-46569: CWE-863: Incorrect Authorization in open-policy-agent opa
Open Policy Agent (OPA) is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego query containing a single data document reference is constructed from the requested path. This query is then used for policy evaluation. An HTTP request path can be crafted in a way that injects Rego code into the constructed query. The evaluation result cannot be made to return any other data than what is generated by the requested path, but this path can be misdirected, and the injected Rego code can be crafted to make the query succeed or fail, opening the door to oracle attacks or, given the right circumstances, erroneous policy decision results. Furthermore, the injected code can be crafted to be computationally expensive, resulting in a Denial of Service (DoS) attack. This issue has been patched in version 1.4.0. As a workaround, network access to OPA’s RESTful APIs can be limited to `localhost` and/or trusted networks, unless wider exposure is necessary for production reasons.
AI Analysis
Technical Summary
CVE-2025-46569 is a high-severity vulnerability affecting Open Policy Agent (OPA) versions prior to 1.4.0. OPA is an open-source, general-purpose policy engine widely used for policy-based control in cloud-native environments, microservices, and infrastructure automation. When OPA is run as a server, it exposes an HTTP Data API that allows clients to read and write documents. The vulnerability arises from how OPA constructs Rego queries from HTTP request paths when accessing virtual documents through the Data API. Specifically, an attacker can craft a malicious HTTP request path that injects arbitrary Rego code into the query. Although the evaluation result is constrained to data generated by the requested path, the injected code can manipulate the query’s success or failure, enabling oracle attacks or causing erroneous policy decisions. Additionally, the injected Rego code can be computationally expensive, potentially leading to Denial of Service (DoS) conditions by exhausting server resources. Exploitation requires network access to OPA’s RESTful API and low privileges (limited authentication), but no user interaction is necessary. The vulnerability has been addressed in OPA version 1.4.0. As a workaround, restricting network access to OPA’s API to localhost or trusted networks can mitigate exposure. The CVSS 4.0 base score is 7.4, reflecting high severity due to the network attack vector, low attack complexity, partial privileges required, and high impact on confidentiality and availability. No known exploits are currently reported in the wild.
Potential Impact
For European organizations, this vulnerability poses significant risks, especially for those leveraging OPA in critical infrastructure, cloud services, or regulated environments such as finance, healthcare, and government. Erroneous policy decisions can lead to unauthorized access or denial of legitimate access, undermining confidentiality and integrity of sensitive data and systems. The potential for oracle attacks could allow attackers to infer sensitive information indirectly through policy evaluation outcomes. The DoS aspect could disrupt availability of policy enforcement, causing service outages or degraded performance. Given OPA’s growing adoption in Kubernetes admission control, API gateways, and CI/CD pipelines, exploitation could cascade into broader operational impacts. Organizations relying on OPA for compliance enforcement or security policy automation may face compliance violations or increased attack surface. The risk is amplified in multi-tenant or cloud environments where OPA instances are exposed beyond localhost or trusted networks.
Mitigation Recommendations
1. Upgrade all OPA deployments to version 1.4.0 or later immediately to apply the official patch addressing this vulnerability.
2. Restrict network access to OPA’s HTTP Data API by configuring firewalls, network policies, or service mesh rules to allow only localhost or tightly controlled trusted networks.
3. Implement strict authentication and authorization controls on OPA endpoints to limit access to privileged users or services.
4. Monitor OPA logs and network traffic for unusual or malformed HTTP request paths that could indicate attempted exploitation.
5. Use rate limiting and resource quotas on OPA servers to mitigate potential DoS attacks caused by computationally expensive Rego queries.
6. Review and harden Rego policies to minimize complexity and avoid constructs that could be exploited for oracle or DoS attacks.
7. In containerized or orchestrated environments, leverage pod security policies or admission controllers to enforce network restrictions and limit exposure.
8. Conduct regular security assessments and penetration testing focusing on policy engines and their APIs to detect similar injection or authorization flaws.
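As an added example for recommendation 4 (not code from the OPA project or from this advisory), the Go check below flags Data API request paths whose segments are not plain Rego identifiers or numeric array indices, since the description notes that the requested path becomes a Rego document reference. It assumes the deployment's data keys are identifier-shaped, so keys with other characters (an e-mail address used as a key, for instance) will also be reported and should be tuned out; the `METHOD PATH STATUS` log format and every sample line are constructed for this example.

```go
package main

import (
	"net/url"
	"regexp"
	"strings"
)

// identSeg matches a plain Rego identifier or a numeric array index, the
// only segment shapes assumed legitimate in this deployment's /v1/data
// paths; anything else is flagged for analyst review, not blocked.
var identSeg = regexp.MustCompile(`^([A-Za-z_][A-Za-z0-9_]*|[0-9]+)$`)

// SuspiciousSegments returns the raw segments after /v1/data that, once
// percent-decoded (as the server decodes them), do not look like an
// identifier or index. ok is false when the path is not a Data API path.
func SuspiciousSegments(rawPath string) (bad []string, ok bool) {
	if i := strings.IndexByte(rawPath, '?'); i >= 0 {
		rawPath = rawPath[:i] // drop the query string (?pretty=true etc.)
	}
	rest := strings.TrimPrefix(rawPath, "/v1/data")
	if rest == rawPath || (rest != "" && rest[0] != '/') {
		return nil, false
	}
	for _, seg := range strings.Split(strings.Trim(rest, "/"), "/") {
		if seg == "" {
			continue
		}
		// An undecodable percent-escape is treated as suspicious as well.
		if dec, err := url.PathUnescape(seg); err != nil || !identSeg.MatchString(dec) {
			bad = append(bad, seg)
		}
	}
	return bad, true
}

// ScanAccessLog takes lines of the constructed form "METHOD PATH STATUS"
// and returns those whose Data API path carries a suspicious segment.
func ScanAccessLog(lines []string) []string {
	var hits []string
	for _, ln := range lines {
		if f := strings.Fields(ln); len(f) >= 2 {
			if bad, ok := SuspiciousSegments(f[1]); ok && len(bad) > 0 {
				hits = append(hits, ln)
			}
		}
	}
	return hits
}
```

Run it over exported access logs or wire it into a log pipeline; a hit is a path worth correlating with the calling client and with the upgrade status of the OPA instance that served it.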
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Belgium, Denmark, Ireland, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-04-24T21:10:48.175Z
- CISA Enriched: true
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 682d9838c4522896dcbebd9e
Added to database: 5/21/2025, 9:09:12 AM
Last enriched: 6/26/2025, 12:14:25 AM
Last updated: 8/18/2025, 8:19:05 AM