The cert-manager Operator for Red Hat OpenShift extends Kubernetes by managing certificate authorities and certificates as native API resources. Several vulnerabilities (CVE-2025-61727, CVE-2025-61729, CVE-2025-66418, CVE-2025-66471, CVE-2026-21441) have been identified affecting version 1.18.1 and related images. The Red Hat advisory (RHSA-2026:1042) classifies these issues as important with high severity but does not provide detailed technical exploit information or CVSS metrics. The operator supports automatic upgrades if the installation uses the default Automatic approval policy; otherwise, manual approval is required. No explicit patch or fix details are provided beyond upgrading the operator to the latest image.

The vulnerabilities affect the cert-manager Operator for Red Hat OpenShift, potentially impacting certificate management within Kubernetes clusters. The advisory assigns a high severity rating but does not specify the exact impact or exploitation details. There are no known exploits in the wild at this time. The lack of detailed CVSS scoring or technical exploit information limits precise impact assessment.

Red Hat recommends ensuring all previously released errata are applied before upgrading. If the operator's installation uses the default Automatic approval policy, the upgrade to the fixed operator version will occur automatically, requiring no user action. For Manual approval policy users, manual approval of the upgrade is necessary. Users should follow the official Red Hat OpenShift cert-manager Operator documentation for upgrade procedures. Since no explicit patch details are provided, upgrading the operator to the latest available version is the primary mitigation step.